The vulnerabilities of NETGEAR Wi-Fi router microprogramming systems, including models D3600, D6000, D6200, D6220, D6400, D7000, D7000v2, D7800, D8500, DC112A, DGN2200v4, DGND2200Bv4, DM200, EX3700, EX3800, EX6120, EX6130, EX7000, PR2000, R6220, R6230, R6250, R6300v2, R6400, R6400v2, R6700, R6700v3, R6900, R7000, R7100LG, R7500v2, R7900P, R8000P, R8900, R9000, RBK20, RBK40, RBK50, RBR20, RBR40, RBR50, RBS20, RBS40, RBS50, WN3000RPv2, WNDR3400v3, WNR2000v5, WNR2020, WNR3500Lv2, XR450, XR500… are related to errors in security settings. These errors allow attackers to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerabilities of NETGEAR Wi-Fi router software models D3600, D6000, D6200, D6220, D6400, D7000, D7000v2, D7800, D8500, DC112A, DGN2200v4, DGND2200Bv4, DM200, EX3700, EX3800, EX6120, EX6130, EX7000, PR2000, R6220, R6230, R6250, R6300v2, R6400, R6400v2, R6700, R6700v3, R6900, R7000, R7100LG,...

Debian: Security Advisory (DLA-2895-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux kernel denial-of-service vulnerability (CNVD-2022-07641)

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux, of which KVM is a kernel-based virtual machine. Linux kernel suffers from a denial-of-service vulnerability, which stems from the possibility that the KVM subsystem may mishandle a memory error that...

Debian: Security Advisory (DLA-2885-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-XP7P-3GX7-J6WX calibre-web is vulnerable to Business Logic Errors

calibre-web is vulnerable to Business Logic Errors...

calibre-web is vulnerable to Business Logic Errors

calibre-web is vulnerable to Business Logic Errors...

Session fixation

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

CVE-2021-4032

CVE-2021-4032 affects the Linux kernel KVM: arch/x86/kvm/lapic.c kvm_free_lapic. A failure during memory allocation when constructing a VCPU can mishandle memory errors, causing a kernel crash and enabling local-privilege attackers to trigger a denial of service. The issue exists in kernel versio...

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. Google Chrome is vulnerable to resource management errors, which can be exploited by attackers to perform sandbox escapes through carefully crafted HTML pages...

chaskiq Cross-Site Scripting Vulnerability (CNVD-2022-08227)

Chaskiq is an open source messaging platform. It is used for marketing, support and sales. chaskiq suffers from a cross-site scripting vulnerability that stems from the fact that chaskiq is vulnerable to input errors during web page generation "cross-site scripting". An attacker could exploit thi...

The vulnerability of the Adobe InCopy text creation and editing software, related to pointer aliasing errors, allows a hacker to trigger a service failure.

The vulnerability of the Adobe InCopy text creation and editing software is related to pointer aliasing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2021-4146

Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...

CVE-2021-4146

Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...

Code injection

Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...

CVE-2021-4146 Business Logic Errors in pimcore/pimcore

Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...

CVE-2021-4146

CVE-2021-4146 relates to Business Logic Errors in pimcore/pimcore prior to version 10.2.6. Multiple connected advisories describe a flaw where discount logic can yield negative amounts, enabling unintended behavior in pricing (e.g., negative cart discounts). The issue stems from insufficient inpu...

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle Java SE is an Oracle Corporation USA product for developing and deploying Java applications on desktops, servers, and embedded devices and in real-time environments.Oracle Java SE is vulnerable to an input validation error that could be exploited by an attacker to potentially cause an...

CVE-2021-4171

calibre-web is vulnerable to Business Logic Errors...