11189 matches found
Adobe Acrobat 2017 Security Update (APSB22-01) - Windows
Adobe Acrobat Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
The vulnerability of the Apache module for web application security enhancement, modsecurity-apache, related to errors in processing JSON objects, allows attackers to cause service failures.
The vulnerability of the Apache module for enhancing web application security, modsecurity-apache, is related to errors in processing JSON objects. Exploiting this vulnerability can allow a malicious actor to perform a denial-of-service attack...
How Can You Leave Log4J in 2021?
With the last month of 2021 dominated by the discovery and publication of the Log4J vulnerabilities, and patches popping up in rapid succession, odds are you have patched your system against Log4J exploitation attempts. At least some systems, if not all. You might even have installed the latest patch – at...
Business Logic Errors
dolibarr/dolibarr is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the create function in don.class.php as it does not properly check user input negative price amounts...
Business Logic Errors in silverstripe/silverstripe-framework
Description SilverStripe Framework is vulnerable to Business Logic Errors in the Failed login count since that value can be a negative number. Proof of Concept 1. After login, go to Security page under the path /admin/security/ 2. Click on any member record 3. In the member edit form, enter a negati...
Adobe Acrobat Reader Buffer Error Vulnerability
Adobe Acrobat is a set of PDF file editing and conversion tools from Adobe. Adobe Acrobat and Reader are vulnerable to a buffer overflow vulnerability that stems from a boundary error when handling untrusted input. A remote attacker could exploit the vulnerability to create a specially crafted PDF...
PT-2022-1510 · Microsoft · Windows Extensible Firmware Interface +1
Name of the Vulnerable Software and Affected Versions: Windows Extensible Firmware Interface affected versions not specified Description: The issue is related to errors in authorization when accessing files in the EFI section, which can lead to a denial-of-service condition. This can be exploited...
CVE-2021-32996
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
Design/Logic Flaw
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
Dolibarr Input Validation Error Vulnerability
Dolibarr is a software application: a modern software package that helps manage your organization's activities. Dolibarr suffers from an input validation error vulnerability that stems from Dolibarr being prone to business logic errors...
The vulnerability of the Google Chrome web app installer allows a hacker to manipulate the URL input by using a specially created HTML page.
The vulnerability of the Google Chrome WebApp installer is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to manipulate the URL input using a specially created HTML page...
PT-2022-13010 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: dolibarr affected versions not specified Description: The issue concerns an improper validation of specified quantity in input, leading to business logic errors. This occurs because the application does not check the input of price numbers,...
The vulnerability in the user interface of the basic authentication mechanism for Google Chrome allows a hacker to manipulate the URL input by using a specially created HTML page.
The vulnerability of the basic authentication user interface of Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to forge the URL content using a specially created HTML page...
Business Logic Errors in dolibarr/dolibarr
Description The application does not check the price number input, leading to a Business Logic error through a negative price amount. Proof of Concept 1. Go to Product and Services area htdocs/product/index.php 2. Create a new or edit an item, insert a negative amount into Selling price field. Also in...
CVE-2021-32996
CVE-2021-32996 affects FANUC R-30iA/R-30iB family controllers (and related mate/Plus variants) as documented by ICS-TIP and CISA: vulnerable component is integer coercion (CWE-192) that can crash the device, with a related out-of-bounds write (CWE-787) potentially enabling remote code execution. ...
CVE-2021-32996
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
Iterating over large count numbers can cause out of gas errors
Handle jayjonah8 Vulnerability details Impact In XDEFIDistributionHelper.sol the getAllTokensForAccount function iterates over the count and performs actions on each iteration. Iterating over large arrays can cause out of gas failures and so the count number should be checked or limited to a max...
The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools’ anti-virus protection mechanisms, related to errors in access control, allows attackers to escalate their privileges.
The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools (BEST) lies in errors related to access control. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of Sumavision Enhanced Multimedia Router’s firmware, related to security mechanism failures, allows attackers to create arbitrary users with elevated privileges.
The vulnerability of Sumavision Enhanced Multimedia Router’s firmware is related to security mechanism errors. Exploiting this vulnerability allows a malicious actor to create arbitrary users with elevated privileges by using the command setString = newuser administrator 123456...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a Web browser from Google, Inc. Google Chrome is vulnerable to resource management errors that could be exploited by remote attackers to trick victims into accessing specially designed Web pages and obtain sensitive information...