11189 matches found
The vulnerability of software for creating a private VPN client, related to errors in system settings or configuration, allows an attacker to execute arbitrary code or escalate their privileges.
The vulnerability of software for creating a private OpenVPN-client virtual network is related to errors in system settings or configuration. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain increased privileges...
The vulnerability of the Telnet service in JunOS Evolved operating systems allows a perpetrator to influence the integrity and confidentiality of the protected information.
The vulnerability of the Telnet service in JunOS Evolved operating systems is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to influence the integrity and confidentiality of the protected information...
Apple Mac OS X Security Update (HT213054)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2022-24032
Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid...
PT-2022-16426 · Adenza · Adenza Axiomsl Controllerview
Name of the Vulnerable Software and Affected Versions: Adenza AxiomSL ControllerView versions through 10.8.1 Description: The issue allows an attacker to identify valid usernames on the platform due to a difference in error messages produced by failed login attempts when the username is valid...
Adenza AxiomSL Security Vulnerability
Adenza AxiomSL is a risk and regulatory reporting platform from Adenza USA. A security vulnerability exists in Adenza AxiomSL ControllerView that allows an attacker to recognize a valid username on the platform, as failed login attempts generate a different error message when the username is vali...
CVE-2021-40338
The Hitachi Energy LinkOne product has a vulnerability due to a web server misconfiguration that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24;...
Business Logic Errors in dolibarr/dolibarr
Description: Dolibarr is vulnerable to Business Logic Errors in the Weight, Length x Width x Height, Area, Volume fields of a Product since these values can be negative numbers. Proof of Concept: 1. After login, in the top menu bar, click Products. 2. In the left menu bar, click List to view the list ...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socket will be used after being released, leading to denial of service (DoS) or a potential code execution. The highest threat from this vulnerability is to data...
Mageia: Security Advisory (MGASA-2015-0176)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2013-0185)
The remote host is missing an update for the...
Important: kernel
Issue Overview: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. (CVE-2020-25639) An issue was discovered in the Linux kernel 3.11 through...
Nextcloud Android app information disclosure vulnerability (CNVD-2022-18414)
Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from the German company Nextcloud. An information disclosure vulnerability exists in versions of Nextcloud Android app prior to 3.17.1; the vulnerability stems from a network system or product that has a configuration and other...
Reolink RLC-410W Information Disclosure Vulnerability
Reolink RLC-410W is a Wi-Fi security camera from Reolink China. Reolink RLC-410W in v3.0.0.13620121102 is vulnerable to information disclosure, which stems from web server configuration errors. An attacker could use this vulnerability to obtain sensitive information...
Business Logic Errors in crater-invoice/crater
Description: It is found that company currency cannot be changed since the field is disabled as shown in the screenshot, but it can be changed by tampering with the parameter. Proof of Concept: Actual Request: POST /api/v1/company/settings HTTP/1.1 Host: demo.craterapp.com User-Agent: Mozilla/5.0 Windows...
GHSA-54HW-MHGH-X4VC Business Logic Errors in pimcore
In pimcore versions prior to 10.2.9 discounts could be negative resulting in unintended behavior...
Business Logic Errors in pimcore
In pimcore versions prior to 10.2.9 discounts could be negative resulting in unintended behavior...
Dontgo403 - Tool To Bypass 40X Response Codes
dontgo403 is a tool to bypass 40X errors. Installation: git clone https://github.com/devploit/dontgo403; cd dontgo403; go get; go build. Customization: If you want to edit or add new bypasses, you can add it directly to the specific file in payloads folder and the tool will use it. Options: custom...
The vulnerabilities of NETGEAR Wi-Fi router software models D7800, EX6250, EX7700, LBR20, RBS50Y, R8900, R9000, XR450, XR500, XR700, EX7320, RAX120, EX7300v2, RAX120v2, EX6410, RBR10, RBR20, RBR40, RBR50, and EX6420, RBS10, RBS20, RBS40, RBS50, EX6400v2, RBK12, RBK20, RBK40, RBK50 stem from security configuration errors. These errors allow attackers to compromise the integrity, accessibility, and confidentiality of protected information.
The vulnerabilities of NETGEAR Wi-Fi router software models D7800, EX6250, EX7700, LBR20, RBS50Y, R8900, R9000, XR450, XR500, XR700, EX7320, RAX120, EX7300v2, RAX120v2, EX6410, RBR10, RBR20, RBR40, RBR50, and EX6420, RBS10, RBS20, RBS40, RBS50, EX6400v2, RBK12, RBK20, RBK40, RBK50 are related to...