Input validation
In Eclipse Parsson before versions 1.1.4 and 1.0.5, parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processi...
Franklin Fueling System TS-550
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Fueling System Equipment: TS-550 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful...
Red Lion Crimson
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: FlexEdge Gateway, DA50A, DA70A running Crimson Vulnerability: Improper Neutralization of Null Byte or NUL Character 2. RISK EVALUATION Successful exploitation of this...
visuality.de Improper Access Control vulnerability OBB-3771576
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center
CVE-2023-22518 Improper Authorization Vulnerability in Conflue...
Debian: Security Advisory (DSA-5540-1)
The remote host is missing an update for the Debian...
Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.
The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash...
Oracle Linux 7 : firefox (ELSA-2023-6162)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6162 advisory. - Add fix for CVE-2023-44488 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...
Users will retain possession of their USDe after redeeming collateral
Lines of code Vulnerability details Impact Users will retain possession of their USDe after redeeming their collateral this can lead to theft/loss of funds. Proof of Concept See below for the coded POC. The benefactor and the beneficiary in the Order struct containing order details and confirmatio...
RHEL 8 : firefox (RHSA-2023:6187)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6187 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 8 : thunderbird (RHSA-2023:6196)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6196 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.4.1. Security Fixes: Mozilla:...
CVE-2023-45867
ILIAS 2013-09-12 release contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormAicc module. An attacker with a privileged account, typically holding the tutor role, can exploit this to gain unauthorized access to and potentially retrieve confidential fil...
Centralite Pearl Thermostat
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Centralite Equipment: Pearl Thermostat Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this...