The vulnerability of the Damage Cleanup Engine in the Trend Micro Maximum Security antivirus protection software allows a malicious actor to enhance their privileges.

The vulnerability of the Damage Cleanup Engine in the Trend Micro Maximum Security antivirus software is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow attackers to increase their privileges...

CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

CVE-2022-48191

A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...

CVE-2022-48191

A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...

Xxe

A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...

Trend Micro Maximum Security 安全漏洞

Trend Micro Maximum Security is a set of computer security protection software from Trend Micro. The software includes virus detection, malware protection, and authentication protection. A security vulnerability exists in Trend Micro Maximum Security version 2022 17.7. An attacker could exploit t...

PT-2023-11636 · Ruckus · Smartcell Gateway 200 +12

Name of the Vulnerable Software and Affected Versions: Ruckus R310 version 10.5.1.0.199 Ruckus R500 version 10.5.1.0.199 Ruckus R600 version 10.5.1.0.199 Ruckus T300 version 10.5.1.0.199 Ruckus T301n version 10.5.1.0.199 Ruckus T301s version 10.5.1.0.199 SmartCell Gateway 200 SCG200 versions prio...

Ruckus Networks 多款产品命令注入漏洞

Ruckus Networks Unleashed C110 is a wireless LAN product from Ruckus Networks, Inc. A security vulnerability exists in various RUCKUS Networks products that originates from a remote code execution command injection that alters and sets unauthorized "illegal region codes", resulting in the operati...

Inadequate Maximum Orders Value in Determining Minimum Buy Amount Per Order

Lines of code Vulnerability details Impact The MAXORDERS constant is defined as a uint96, which has a maximum value of 2^96-1. This means that the maximum number of orders that the contract is able to handle is 2^96-1. However, if the number of orders exceeds this maximum value, the calculation f...

CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

CVE-2022-48191

A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...

CVE-2022-48191

A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...

CVE-2022-48191

CVE-2022-48191 affects Trend Micro Maximum Security 2022 (17.7). The flaw is in the Damage Cleanup Engine: a low-privileged user can write a malicious executable to a specific location and, during deletion/restoration, an attacker could replace the original folder with a mount point to an arbitra...

Unbounded Chainlink oracle time delay vulnerability

Lines of code Vulnerability details Summary The contract OndoPriceOracleV2 allows for the owner to set an association between an fToken and a Chainlink oracle for price retrieval. The contract also allows the owner to set a maxmum amount of time delay that it will tolerate from all Chainlink...

PT-2025-54080

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1-00330-g60cc1f7d0605 Description The Linux kernel contained a flaw in the net/sched/sch taprio module where the TCA TAPRIO ATTR SCHED CYCLE TIME attribute was not properly limited to INT MAX. This result...

Users can bypass the maxWinPercent limit using a partially closing

Lines of code Vulnerability details Impact Users can bypass the maxWinPercent limit using a partial closing. As a result, users can receive more funds than their upper limit from the protocol. Proof of Concept As we can see from the documentation, there is limitation of a maximum PnL. Maximum PnL...

CVE-2022-3881

CVE-2022-3881 concerns the WordPress WPTools plugin, affected versions before 3.43. The issue is improper authorization and CSRF in an AJAX action, allowing any authenticated user (e.g., a subscriber) to install and activate arbitrary plugins from wordpress.org. Root cause: missing CSRF/authoriza...

Price can deviate by much more than maxDeviationRate

Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. maxPriceDeviation is a configurable parameter, which limits the change percentage from current price to a new feed update. function checkValidityaddress asset, uint256 twap internal view returns...

overflow in buy function

Lines of code Vulnerability details Impact the function doesn't check if the input is more the supply Proof of Concept the function doesn't have any condition check of amount Tools Used manually Recommended Mitigation Steps check the input for maximum or requirement for max supply --- The text wa...

overflow in buy function

Lines of code Vulnerability details Impact the function doesn't check if the input is more the supply Proof of Concept the function doesn't have any condition check of amount Tools Used manually Recommended Mitigation Steps check the input for maximum or requirement for max supply --- The text wa...