75 matches found
The vulnerability of iOS, tvOS, and watchOS operating systems lies in a logical error during authentication processes, which allows attackers to bypass authenticity checks.
The vulnerability of iOS, tvOS, and watchOS operating systems is related to a logical error during the authentication process. Exploiting this vulnerability can allow an attacker to bypass authenticity checks...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9215)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9215 advisory. - btrfs: fix race when cloning extent buffer during rewind of an old root Filipe Manana Orabug: 32669454 CVE-2021-28964 - xen-blkback: don't leak...
Decoder Error
VideoLAN VLC media player is vulnerable to logical error. it allows an attacker to cause a denial of service memory corruption through a crafted image file...
The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to a logical error, allows attackers to escalate their privileges and expose sensitive information.
The vulnerability of Intel Converged Security and Manageability Engine CSME is related to a logical error. Exploiting this vulnerability can allow attackers to enhance their privileges and expose sensitive information...
The vulnerability of Intel Server Platform Services’ microprogramming software, related to a logical error, allows attackers to trigger a service failure.
The vulnerability of Intel Server Platform Services’ microprogramming software is related to a logical error. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2019-12659
A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exploit this vulnerability by generating a high amount of...
The vulnerability of the Cisco StarOS operating system’s packet handler, which allows a hacker to trigger a service failure
The vulnerability of the Cisco StarOS operating system’s packet processor is related to a logical error in packet processing. Exploiting this vulnerability allows an attacker to trigger a Denial-of-Service attack by sending a specially crafted sequence of packets...
Out-Of-Bounds Read
PHP is vulnerable to out-of-bounds reads. The vulnerability exists in matchat during regular expression searching because of a logical error involving order of validation and access in matchat...
Successfully acquired WinRAR 19-year-old code-execution vulnerability-a vulnerability warning-the black bar safety net
In this paper, we describes how to use the WinAFL fuzz testing tool Find WinRAR in the logic error, and use it to completely control the volatile trap host story. The vulnerability only by extracting a carefully constructed archive file can be successfully exploited, so that more than 5 billion...
CVE-2018-20129: DedeCMS V5. 7 SP2 front Desk file upload getshell vulnerability alerts-a vulnerability alert-the black bar safety net
2018-12-11 in CVE Chinese application station published a DEDECMS 5.7 SP2 is the latest version there is a file upload vulnerability, with administrator privileges can exploit this vulnerability to upload and getshell execute arbitrary PHP code. After analysis and verification. The vulnerability...
beescms 一处逻辑错误
No description provided by source...
CVE-2017-9339
A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...
Share tokens for public calendars disclosed - ownCloud
A logical error caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token. Affected Software ownCloud Server 10.0.2 CVE-2017-9339 Action Taken The error has been fixed and regression test...
Nextcloud 'Calender and Addressbook' Information Disclosure Vulnerability - Linux
Nextcloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Stack overflow
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...
CVE-2017-9224
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...
FreeBSD : asterisk -- Buffer Overrun in PJSIP transaction layer (0537afa3-3ce0-11e7-bf9d-001999f8d30b)
The Asterisk project reports : A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...
CVE-2017-0894
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...
CVE-2017-0894
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token...
Calendar and addressbook names disclosed (NC-SA-2017-012)
A logical error caused disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and adressbook has been disclosed...