Cross site request forgery (csrf)

The WP OAuth Server OAuth Authentication WordPress plugin before 4.3.0 has a flawed CSRF and authorisation check when deleting a client, which could allow any authenticated users, such as subscriber to delete arbitrary client...

The vulnerability of Cisco IOS operating system loaders, related to security mechanism deficiencies, allows attackers to trigger service failures.

The vulnerability of Cisco IOS operating system loaders is related to security mechanisms that are flawed. Exploiting this vulnerability can allow attackers to cause service failures...

_calculateMaltRequiredForExit makes wrong calculations

Handle 0x0x0x Vulnerability details Proof of concept calculateMaltRequiredForExit calculates the quantity of malts returned. uint256 maltQuantity = userMaltPurchased.mulamount.divuserCommitment; uint256 fullReturn = maltQuantity.mulcurrentPrice / pegPrice; userMaltPurchased / userCommitment...

in bookstackapp/bookstack

Description The image extension validation service for Base64 image extraction in new Bookstack version is flawed as it uses the vulnerable trim function. This allows attackers to upload malicious files with broken extension, such as pngr, and browsers will interpret broken extension hosted on th...