167 matches found
The vulnerability of the display functions for hash functions of the application, as well as the export of audit logs and software for marking ballots with the ImageCast X device, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the hashing functions in software for ImageCast X labeling devices relates to changes in certification data or measurement reports. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the ImageCast X ballot marking device’s software, related to access control errors, allows a violator to execute arbitrary code.
The vulnerability of the ImageCast X ballot marking device’s software is related to access control errors. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using a specially created binary file with the setuid flag...
GSD-2022-1002540 objtool: Mark __ubsan_handle_builtin_unreachable() as noreturn
objtool: Mark ubsanhandlebuiltinunreachable as noreturn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
A queued proposal will never be executed
Lines of code Vulnerability details All the relevant fields for a proposal is set in queue but executed is marked as true, even before the proposal is even queued. When it comes time to execute a proposal, this will be impossible since state will always return ProposalState.Executed. The conditio...
PT-2022-3892
Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X affected versions not specified Description The issue is related to the incorrect validation of cryptographic signatures in the terminal emulator software of the ImageCast X ballot marking device. This could...
GHSA-2FMV-J5XJ-4FMQ Moodle Reveals Student Information Meant To Be Anonymous
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by 1 using a screen reader or 2 reading the HTML source...
Moodle Reveals Student Information Meant To Be Anonymous
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by 1 using a screen reader or 2 reading the HTML source...
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
RHEL 7 : java-11-openjdk (RHSA-2022:0204)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0204 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
kernel security, bug fix, and enhancement update
4.18.0-348.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
SQL Injection Vulnerability in the Joint Exam Version of Xi'an Runge Electronic Technology Co.
The business scope of Xi'an Runge Electronic Technology Co., Ltd. includes: sales of electronic products, computer software and hardware; computer software, electronic products and so on. Xi'an Runge Electronic Technology Co., Ltd. marking cloud platform joint examination version of the SQL...
U.S. Dept Of Defense: CUI labled and ████ Restricted pdf on █████
Description: A file labeled with the following "CONTROLLED BY: ██████████ CUI ████: ███ ████████ Was discovered and based on public information ███████ CUI marking it appears it shouldn't be publicly available either. If i am wrong about the markings please correct me. References...
File Upload Vulnerability in Ke Xun Web-based Marking System
Anhui Kexun Education Equipment Co., Ltd. is mainly engaged in campus card, intelligent campus, intelligent campus information system, library self-borrowing and returning. A file upload vulnerability exists in Kexun's web-based marking system, which can be exploited by attackers to obtain server...
Hebei Nanhao High-tech Development Co., Ltd. online marking system has a file upload vulnerability
Online marking system is an online marking system developed by Hebei Nanhao High-tech Development Co. There is a file upload vulnerability in the online marking system of Hebei Nanhao High-Tech Development Co., Ltd. that can be exploited by attackers to obtain server control privileges...
Information leakage vulnerability in JINHANG's online marking system
JINHANG online marking system can provide a variety of performance analysis reports based on the measurement of students, classes, schools, grades, teachers, subjects, knowledge points, etc., and can provide a comprehensive analysis of the results of each student's previous examinations. There is...
SQL Injection Vulnerability in Runge Marking System of Chengdu Runge Unlimited Technology Co.
Chengdu R&G Unlimited Technology Co., Ltd. was founded on June 07, 2013, the company was mainly engaged in cross-platform 3D game engine research and development at the beginning of the company's business, after nearly a few years of technological precipitation of the company is currently engaged...
Georgia’s Ballot-Marking Devices
Andrew Appel discusses Georgias voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices: Suppose the polling-place optical scanners had been hacked enough to change the outcome. Then this would have been detected in the audit, and in...
SQL Injection Vulnerability in Nanjing Huaiyu Technology Online Marking System
Since 2002, Nanjing Huaiyu Technology Co., Ltd. has been committed to the use of computer hardware and software technology, opto-mechanical technology, pattern recognition and other technologies to develop, produce and sell for the field of education cursor readers and online marking and other...
SQL Injection Vulnerability in Runge Marking System
Chengdu R&G Unlimited Technology Co., Ltd. is a company engaged in the research and development, sales of computer hardware and software, electronic products and provide technical services, technical consulting. A SQL injection vulnerability exists in the Runge Marking System, which can be...
Nanhao Online Marking System SQL Injection Vulnerability
Nanhao online marking system is an online marking system developed by Hebei Nanhao High-tech Development Co. Nanhao online marking system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...