EUVD-2025-7252
Malicious code in bioql PyPI...
CVE-2024-48227
Funadmin 5.0.2 has a logical flaw in the Curd one-click command deletion function, which can result in a Denial of Service (DoS)...
GHSA-R9V5-Q97M-RJ5G Logic flaw in Funadmin
Funadmin 5.0.2 has a logical flaw in the Curd one-click command deletion function, which can result in a Denial of Service (DoS)...
Logic flaw in Funadmin
Funadmin 5.0.2 has a logical flaw in the Curd one-click command deletion function, which can result in a Denial of Service (DoS)...
CVE-2024-48227
CVE-2024-48227 concerns Funadmin 5.0.2, where a logical flaw in the Curd one-click command deletion function can cause a Denial of Service (DoS). The available documents identify the affected software and the faulty delete logic as the root cause, and they consistently describe the impact as DoS. No ...
CVE-2024-44337
A flaw was found in the github.com/gomarkdown/markdown Golang library. There is a logical problem with the paragraph function of the parser/block.go file. This flaw allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted input, causing an infinite loop...
Design/Logic Flaw
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...
Insecure Direct Object Reference
nextjs is vulnerable to Insecure Direct Object Reference Vulnerability. The vulnerability is due to a logical flaw within the auth function in the App Router, and getAuth within the Pages Router. This issue can be exploited by an attacker to gain unauthorized access or conduct privilege escalatio...
Design/Logic Flaw
Home Assistant is open source home automation software. The audit team's analyses confirmed that the redirect_uri and client_id are alterable when logging in. Consequently, the code parameter utilized to fetch the access_token post-authentication will be sent to the URL specified in the aforementioned...
Denial of service
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service...
Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)
LiveGBS is streaming media service software for the national standard GB28181. It provides user management and web-based visual page management, with open-source front-end page source code; it also provides device status management, allowing real-time viewing of whether a device is offline and other...
Context not implemented as per need of the code
Lines of code. Vulnerability details. Impact: Logical and mathematical flaws might occur due to lack of the check. Proof of Concept: As per comment in: //check if the withdrawal occured after mostRecentWithdrawalBlockNumber but no check is involved in the code which would cause mathematical flaws in...
Design/Logic Flaw
A vulnerability, which was classified as problematic, has been found in JiangMin Antivirus 16.2.2022.418. Affected by this issue is the function 0x222000 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach thi...
Logical flaws in the internship training management system of Beijing Century Super Star Information Technology Development Co.
Beijing Century Super Star Information Technology Development Co., Ltd. is an education informatization enterprise driven by technology, product and service innovation. There is a logic flaw vulnerability in the internship training management system of Beijing Century Super Star Information...
Design/Logic Flaw
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
Design/Logic Flaw
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED...
PalmRu Technology Services Limited RuVolunteer Intelligent Filling System Has Logic Flaw Vulnerability
Such as volunteering is a lightweight, simple education big data product, positioned around comprehensive assessment, comprehensive query, simulated filling, multi-college guidance and other all-round coverage, to help companies go from 0 to 1 with a one-stop understanding of...
Logic Flaw Vulnerability in Water Resources Information System of Siltronic Ltd.
Siltronic Ltd. is an information service provider for disaster reduction and profitability. There is a logic flaw vulnerability in the water information system of Sicron Technology Limited, which can be exploited by an attacker to log in to any account and obtain sensitive information...