Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is...

Users will retain possession of their USDe after redeeming collateral

Lines of code Vulnerability details Impact Users will retain possession of their USDe after redeeming their collateral this can lead to theft/loss of funds. Proof of Concept See belo for the coded POC. The benefactor and the beneficiary in the Order struct containing order details and confirmatio...

Stack overflow

TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister...

CVE-2023-46373

TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function deviceInfoJsonToBincauses...

Anyone can call replenishReserves(...) (token version) to repay borrowed reserves with reserves

Lines of code Vulnerability details Impact The replenishReservestoken, ... can be called by anyone. Proof of Concept The NATSPEC comment in the IBranchPort states the replenishReservestoken, ... can only be called by the port strategy itself as shown below / @notice allow approved address to repa...

SonicWALL NetExtender Security Vulnerabilities

SonicWALL NetExtender is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. A security vulnerability exists in SonicWALL NetExtender that stems from the presence of a...

CVE-2023-43323

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...

Authentication flaw

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...

Enhancesoft osTicket SQL Injection Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. A security vulnerability exists in Enhancesoft osTicket v1.15.6, which originates from an SQL injection vulnerability in the Search function of the tickets.php page, allowing an authenticated attacker to execute...

Authentication flaw

A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...

The vulnerability of the FUN_00010824 function in D-Link DIR-880 A1 router microprogramming software allows a hacker to induce a service failure.

The vulnerability of the FUN00010824 function in D-Link DIR-880 A1 microprogrammed router software is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service failure...

CVE-2020-22217

Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c...

CVE-2020-18770

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service...

CVE-2022-40433

Removed by vendor...

CVE-2023-39660

An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function...

The vulnerability of the dumpppp function in the pppdump/pppdump.c component of the Point-to-Point Ppp protocol allows a hacker to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the dumpppp function in the pppdump/pppdump.c component of the Point-to-Point Ppp protocol is related to the issue of the operation’s output going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential...

CVE-2023-36847

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an...

The vulnerability of the copy function for essential data provided by the supplier to business partners of the SAP Supplier Relationship Management application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the copy function for the supplier’s main data for application partners of SAP Supplier Relationship Management relates to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access...

Out Of Bounds Read

htmodoc is vulnerable to Out of Bounds flaw. The vulnerability is due poor memory management in the parsetree function of toc.cxx, which results in memory address leakage and an application crash, resulting in Denial of Service...

CVE-2023-37721

Tenda F1202 V1.0BRV1.2.0.20408, FH1202V1.2.0.19EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter...