3794 matches found
CVE-2022-26676
aEnrich a+HRD has inadequate privilege restrictions. An unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service...
DoS: Attacker May Front-Run CoreFactory.createProject() Or CoreFactory.addCollection() With A collection.id Causing Future Transactions With The Same collection.id to Revert
Lines of code Vulnerability details Impact A collection.id may only be used once in CoreFactory.createCollection since the contract is deployed using the create2 opcode with a repeated salt and contract bytecode will fail to deploy a contract. Furthermore, the modifier onlyAvailableCollection...
DoS: Attacker May Front-Run createSplit() With A merkleRoot Causing Future Transactions With The Same merkleRoot to Revert
Lines of code Vulnerability details Impact A merkleRoot may only be used once in createSplit since it is used as salt to the deployment of a SplitProxy. The result is an attacker may front-run any createSplit transaction in the mem pool and create another createSplit transaction with a higher gas...
DoS: Attacker May Front-Run CoreFactory.createProject() With A _projectId Causing Future Transactions With The Same _projectId to Revert
Lines of code Vulnerability details Impact A projectId may only be used once in CoreFactory.createProject since the modifier onlyAvailableProject will revert if project.creator != 0. The result is an attacker may front-run any createProject transaction in the mem pool and create another...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Docker $ sudo docker build -t . $ sudo...
CVE-2022-0343
A local attacker, as a different local user, may be able to send an HTTP request to 127.0.0.1:10000 after the user (typically a developer) manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2...
Design/Logic Flaw
A local attacker, as a different local user, may be able to send an HTTP request to 127.0.0.1:10000 after the user (typically a developer) manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2...
workflow-cps: Password parameters are included from the original build in replayed builds
A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...
Microsoft Windows CSRSS Security Feature Bypass Vulnerability
The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows mismanages process tokens, which allows local users to gain privileges via a crafted application...
Microsoft Office 365 Apps for Enterprise RCE Vulnerability (Nov 2021)
This host is missing an important security update according to Microsoft Office Click-to-Run updates...
Microsoft Office 365 (2019 Click-to-Run) Multiple RCE Vulnerabilities (Sep 2021)
This host is missing an important security update according to Microsoft Office Click-to-Run updates...
Microsoft Office 365 (2019 Click-to-Run) Multiple RCE Vulnerabilities (Oct 2021)
This host is missing an important security update according to Microsoft Office Click-to-Run updates...
CVE-2021-3589
An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Gradio Security Vulnerability
gradio is an open source framework. gradio is vulnerable to arbitrary code injection. The vulnerability automatically runs these commands and can be exploited by an attacker to run arbitrary commands on a user's computer...
Out-of-bounds
In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...
PT-2022-4284 · Google +1 · Android Kernel +1
Name of the Vulnerable Software and Affected Versions: Android kernel (affected versions not specified). Description: The issue is related to a possible out of bounds read in the bpf_prog_test_run_skb function of test_run.c due to an incorrect size value. This could lead to local informatio...
Mustang Panda targets European diplomats using enhanced PlugX backdoor
THREAT LEVEL: Red. Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known as...
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar to the older CVE-2019-18808.
...