10 matches found
CVE-2021-27043
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application...
EUVD-2021-1074
Malware in sbrugna...
CVE-2022-1460
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a...
CVE-2025-21083
Mattermost Mobile Apps versions =2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...
withdrawFee() can be called multiple times by any user when quest has ended making it possible to drain contract and leave users unable to claim rewards
Lines of code Vulnerability details Impact The withdrawFee function in the Erc20Quest contract can be called multiple times. The modifier onlyAdminWithdrawAfterEnd is applied to the function which only makes it possible to call it after the end time of a quest. It should be noted that any user is...
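Local Privilege Escalation Vulnerability in Multiple VMware Products
BUGTRAQ ID: 53006 CVE ID: CVE-2012-1518 VMware is "virtual PC" software that lets you run two or more Windows, DOS, and Linux systems at the same time on a single machine. Multiple VMware products contain a local privilege escalation vulnerability in their implementation, which a malicious user can exploit to execute arbitrary code with elevated privileges on Windows guest operating systems. 0 VMWare VMWare Workstation 8.0.1 VMWare Player 4.0.1 VMWare Fusion 4.1.1 VMWare ESX 4.1 VMWare ESX 4.0 VMWare ESX 3.5 VMWare ESXi 5.0...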
Captaris Infinite Mobile Delivery Webmail 2.6 - Full Path Disclosure
source: https://www.securityfocus.com/bid/12399/info Infinite Mobile Delivery Webmail is reportedly affected by a path disclosure vulnerability. This issue could permit a malicious user to expose the root path of the affected...
LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities
source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to insufficient boundary checking of certain environment variables used by the affected application. A malicious user may...
OpenLinux 2.32.4 RedHat 6.06.1 SCO eServer 2.3 - Denial of Service
source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to ...
Symantec PCAnywhere32 8.0 - Denial of Service
source: https://www.securityfocus.com/bid/288/info Servers running PCAnywhere32 with TCP/IP networking are subject to a Denial of Service attack that will hang the server at 100% CPU utilization. A malicious user may initiate this DoS by connecting to tcp port 5631 on the PCAnywhere server input ...