BIT-TENSORFLOW-2022-23585 Memory leak in decoding PNG images in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

CVE-2023-49543

Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating...

[H-01] Ocean contract and onERC1155Received function is vulnerable to read only reentrancy

Lines of code Vulnerability details Impact The Ocean contract and onERC1155Received function is vulnerable to read only reentrancy when read from another contract. The order of function execution when called externally from the onERC1155Received function in the Ocean contract is as follows. The...

zenstruck collections 注入漏洞

zenstruck collections is a set of helpers for iterating/paging/filtering collections from the zenstruck project. An injection vulnerability exists in zenstruck collections that stems from passing callable strings e.g., system leading to function execution...

An expired parameter is required because there may be slippage in the calculation.

Lines of code Vulnerability details Impact Due to changes in interest rates, failure to process transactions in a timely manner may result in missing out on ideal rewards. Proof of Concept The calculation of the clainRewards function involves interest rates, which are variable. If...

UBUNTU-CVE-2023-30088

An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjsexecute function in mjs.c...

Authorization

In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform...

WordPress plugin ContentStudio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Important: postgresql

Issue Overview: A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as...

VulnCheck KEV: CVE-2022-22536

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the...

SAP Multiple Products HTTP Request Smuggling Vulnerability

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the...

CVE-2022-2314

The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site...

WordPress plugin VR Calendar 操作系统命令注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An operating system command injection...

lack of validating transfer of tokens entered by the user or by the initialize() function

Lines of code Vulnerability details Impact As we have not defined the token implementation, it should be validated that token.transferadmin, balance; return true. This is important, since the transaction could not be carried out and the function executed as correct. In the comments of the code it...

Upgraded Q -> H from 63 [1655008277948]

Judge has assessed an item in Issue 63 as High risk. The relevant finding follows: Function Splitter:incrementWindow is executed by vault:sendToSplitter transfered tokens is pushed into balanceForWindow array and window is incremented, but the function can be executed by any contract and more tha...

CVE-2022-22536

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the...

applyCover() Does Not Enforce Index Market Lock

Handle leastwood Vulnerability details Impact The applyCover function is called by the insurance pool owner and intends to store data related to an insurance incident. Upon function execution, applyCover iterates over all available index markets and calls lock, denying all deposits and withdrawal...

Command Execution Vulnerability in Yimin Love Stocks

Yimeng love stock speculation is Yimeng efforts to create, the first support for stock speculation personality customization of lightweight stock speculation software. The EML AiShaoware has a command execution vulnerability that can be exploited by an attacker to inject an executable DLL file in...

Command Execution Vulnerability in Pleasant Book PDF Reader

Yuet Book PDF Reader is a Shenzhen Ivy Technology Co., Ltd. developed a universal PDF reader, support for PDF, pictures, PSD, office documents, programming documents, such as tens of thousands of file formats, work and study a good helper. Yuet Book PDF Reader there is a command execution...

postgresql: Multiple features escape "security restricted operation" sandbox

A flaw was found in postgresql. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...