309 matches found
CVE-2019-18824
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used...
CVE-2012-0051
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval...
PYSEC-2019-253
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval...
CVE-2012-0051
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval...
CVE-2012-0051
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval...
RUSTSEC-2019-0018 Internally mutating methods take immutable ref self
Affected versions of this crate exposed several methods which took self by immutable reference, despite the requesting the RenderDoc API to set a mutable value internally. This is technically unsound and calling these methods from multiple threads without synchronization could lead to unexpected...
Authorization Bypass
java is vulnerable to authorization bypass. The vulnerability exists as CanonicalizerBase.java allows untrusted code to access mutable byte arrays...
Liberapay: Import of repositories from GitHub is tied to username instead of immutable ID
When a user verifies a Github account at /edit/elsewhere the final result is a Github username tied to a Liberapay account. The issue is Github usernames are mutable. Consider the scenario. 1. I create an account called ed-liberapay something likely to be claimed in the future 2. Verify that I ow...
RUSTSEC-2018-0019 Multiple memory safety issues
Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...
Multiple memory safety issues
Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...
Malicious Code Vulnerability Due To Allowing Access To Mutable Objects
gateway is vulnerable to a malicious code vulnerability. The vulnerability exists because it is allowing access to mutable objects by not using final keyword appropriately in the code...
Caching best practices & max-age gotchas
Getting caching right yields huge performance benefits, saves bandwidth, and reduces server costs, but many sites half-arse their caching, creating race conditions resulting in interdependent resources getting out of sync. The vast majority of best-practice caching falls into one of two patterns:...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
CVE-2013-5910
Summary of CVE-2013-5910 (Oracle Java/JRE) : Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 that could affect integrity via unknown vectors related to Security. IBM and related advisories (e.g., CVEs list in IBM pages) indicate this CVE is included...