3702 matches found
WordPress Checkout Mestres WP Plugin <= 7.1.9.7 is vulnerable to Privilege Escalation
Software Checkout Mestres WP Type Plugin Vulnerable versions = 7.1.9.7 Fixed in 7.1.9.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-51472 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 9fb8ab95cc18 Credits...
The vulnerability of the `chunk_free_object` function in the `gsmchunk.c` component of the Ghostscript software suite allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the chunkfreeobject function in the gsmchunk.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploitation of this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even...
The vulnerability of the Django web application platform, related to uncontrolled resource consumption, allows attackers to trigger service failures.
The vulnerability of the Django web application framework is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Zabbix universal monitoring system, related to logging beyond buffer boundaries, allows a intruder to trigger a service failure.
The vulnerability of the Zabbix universal monitoring system is related to logging beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the Expat XML parsing library lies in the improper limitation on XML references to external objects. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Expat XML parsing library is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the Django web application software lies in the fact that code is loaded without any checks for its integrity. This allows attackers to access sensitive data, compromise its integrity, and cause service failures.
The vulnerability of the Django web application framework lies in the fact that code is loaded without any checks for its integrity. Exploiting this vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause service failures...
The vulnerability of the engineer mode of Unisoc microprogrammed software processors allows a hacker to trigger a service failure.
The vulnerability of the engineer mode of Unisoc microprogrammed chipset software is related to unverified array indexing. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the Apache Dubbo RPC framework, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the Apache Dubbo RPC framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
AZL-34943 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
AZL-32199 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
Design/Logic Flaw
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
UBUNTU-CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
The vulnerability of the CSS parser for Node.js’s css-tools arises from insufficient validation of input data, allowing attackers to trigger a service failure.
The vulnerability of the CSS parser for Node.js’s css-tools is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service failures...
CVE-2023-6918
CVE-2023-6918 affects the libssh library where MD operation backends do not properly check return values, potentially causing low-memory failures, NULL dereferences, crashes, or using uninitialized memory as input to the KDF. This can lead to non-matching keys resulting in decryption/integrity fa...
CVE-2023-6918 Libssh: missing checks for return values for digests
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
CVE-2023-6918 Libssh: missing checks for return values for digests
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
The vulnerability of embedded software developed by Qualcomm, related to deficiencies in the use of the assert() function, allows attackers to trigger a service failure.
The vulnerability of embedded software developed for Qualcomm chips lies in the improper implementation of the channel bandwidth division mechanism and the switching between subbands when performing Beam Switching. This occurs due to the use of the assert function. Exploiting this vulnerability c...