VT-d: Failure to quarantine devices in !HVM builds

ISSUE DESCRIPTION Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen. IMPACT When a device is removed from a domain, it is not properly quarantined and retains its access to the domain...

CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

PT-2023-2916 · Suse · Suse Rancher

Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions 2.6.x through 2.7.x Description: The issue is related to improper privilege management in SUSE Rancher, allowing privilege escalation. A failure in the update logic of Rancher's admission Webhook may lead to the...

Design/Logic Flaw

Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Certly: Business logic Failure - Browser cache management and logout vulnerability in Certly

1.login the account. 2. browse any tabs or anything in the site 3. logout the account 4.click the back browser button and you are able to see the all previous page Related Topic: https://hackerone.com/reports/7909...

Localize: Business logic Failure - Browser cache management and logout vulnerability.

Vulnerability class: Business logic Failure - Browser cache management and logout vulnerability. Vulnerability impact: Logging out from an application does not clear the browser cache of any sensitive information that have been stored. Steps to reproduce: 1. Login to portal. 2.browse few tabs 3...