433 matches found
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1924)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-32075
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In pimcore/customer-management-framework-bundle prior to version 3.3.9, business logic errors are possible in the Conditions tab since the counter can be a negative number. This vulnerability is...
Pimcore vulnerable to Business Logic Errors via Customer automation rules
Impact: Business logic errors in the Conditions tab, since the counter can be a negative number. This vulnerability can make the counter value in the Conditions tab illogical. Patches: Update to version 3.3.9 or apply this patch manually...
GHSA-X99J-R8VV-GWWJ Pimcore vulnerable to Business Logic Errors via Customer automation rules
Impact: Business logic errors in the Conditions tab, since the counter can be a negative number. This vulnerability can make the counter value in the Conditions tab illogical. Patches: Update to version 3.3.9 or apply this patch manually...
CVE-2023-32075 Pimcore vulnerable to Business Logic Errors in Customer automation rules
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In pimcore/customer-management-framework-bundle prior to version 3.3.9, business logic errors are possible in the Conditions tab since the counter can be a negative number. This vulnerability is...
CVE-2023-32075
Summary of CVE-2023-32075: The Pimcore CMF's customer-management-framework-bundle is affected in versions before 3.3.9. A business-logic flaw in the Conditions tab allows the counter value to become negative, leading to illogical behavior in the UI/logic. The issue is fixed in version 3.3.9; patch guidance ...
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2023-163)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-163 advisory. A NULL pointer dereference exists when parsing invalid XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK (CVE-2023-28484). libxml2: Hashing of empty dict strings isn't deterministic. When hashing...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1660)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-29469
A flaw was found in libxml2. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...
libxml2 resource management error vulnerability
libxml2 is an open source library used to parse XML documents. It is written in C, and can be called from a variety of languages, such as C, C++, XSH. A security vulnerability exists in libxml2 versions prior to 2.10.4. An attacker could exploit this vulnerability to cause various logic or memory...
CVE-2023-1887
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
Code injection
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1887 Business Logic Errors in thorsten/phpmyfaq
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1887
CVE-2023-1887 affects thorsten/phpmyfaq prior to 3.1.12. The vulnerability stems from business logic errors that let users with edit-only permissions add/delete categories and add FAQs. The issue is fixed in version 3.1.12. Affected versions before 3.1.12 should upgrade to 3.1.12 or apply the ven...
Answer vulnerable to Business Logic Errors
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...