433 matches found
CVE-2023-29294
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
Security feature bypass
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
CVE-2023-29294
Summary: CVE-2023-29294 affects Adobe Commerce (and Magento) versions 2.4.6 and earlier, 2.4.5-p2 and earlier, and 2.4.4-p3 and earlier. It is described as a business logic error that could allow a low-privilege attacker to bypass a security feature without user interaction. The CVE entry cites a...
CVE-2023-29294 Bypass Purchase Order Approval using Company User in Adobe Commerce B2B
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
CVE-2023-3229
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3228
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3228
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3229
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
Design/Logic Flaw
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3228 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3228 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-3228
CVE-2023-3228 concerns fossbilling/fossbilling prior to 0.5.0 and is evidenced by a risk described in connected Huntr documentation: a business logic flaw where an attacker can modify the product ID during order processing to bypass the main product requirement and directly purchase an addon. Aff...
CVE-2023-3229
The vulnerability CVE-2023-3229 affects fossbilling/fossbilling prior to 0.5.0. Concrete details from connected sources show a business-logic flaw that allows continuing to place orders for a product after it has been disabled, via API requests. Root cause: logic that does not correctly enforce p...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2212)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.11.0 : libxml2 (EulerOS-SA-2023-2091)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option...
Ubuntu 23.04 : libxml2 vulnerabilities (USN-6028-2)
The remote Ubuntu 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6028-2 advisory. USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. Tenable has extracted the preceding description...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2023-1924)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option...