559 matches found
Design/Logic Flaw
Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization...
CVE-2020-10111
Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization...
CVE-2020-10111
CVE-2020-10111 affects Citrix Gateway 11.1, 12.0, and 12.1 with Inconsistent Interpretation of HTTP Requests (CWE-444). The issue relates to caching of HTTP/1.1 traffic by Citrix ADC for performance, with Citrix disputing it as a security issue. Several advisories/feeds describe a cache bypass vu...
CVE-2020-3859
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen...
CVE-2020-3833
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing...
Design/Logic Flaw
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen...
Licensing Error: "Inconsistent Server Host ID"
When importing a license file in the XenApp 6.0 License Administration Console, the following error occurs: Inconsistent server host ID in C:\Program Files x86\Citrix\Licensing\MyFiles\licensexxxxxxx.lic...
CVE-2019-8667
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect...
CVE-2019-8654
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing...
Design/Logic Flaw
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing...
CVE-2019-8670
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing...
CVE-2019-8670
CVE-2019-8670 is an Apple Safari/WebKit UI vulnerability: an inconsistent user interface issue addressed with improved state management. It affects macOS Mojave 10.14.6 and Safari 12.1.2; visiting a malicious site could lead to address bar spoofing. The issue is fixed in those updates (Safari 12....
Product update: Virtuozzo 7.0 Update 12 Hotfix 1 (7.0.12-338)
The Hotfix 1 for Virtuozzo 7.0 Update 12 provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.4.2.vz7.116.7. Vulnerability id: PSBM-100079, PSBM-100093 VMs with inconsistent bitmaps could not be migrated. Vulnerability id: PSBM-100158 Kernel memory leak on VM st...
Timing Attack
simplito/elliptic-php is vulnerable to timing attack. The bit-length of the scalar is leaked during scalar multiplication on an elliptic curve, which can result in the recovery of the long-term private key generated by the library, due to inconsistent time during generation...
poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...
Microsoft Windows NTFS Privileged File Access Enumeration Exploit
Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging. + Credits: John Page aka...
JDK: Failure to privatize a value pulled out of the loop by versioning
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the...