32 matches found
CVE-2024-1223 Improper authorization controls in PaperCut NG/MF
This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in ...
PT-2024-17496 · Papercut · Papercut Ng
Name of the Vulnerable Software and Affected Versions: PaperCut NG affected versions not specified Description: This issue potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid...
PT-2023-22821 · Rust +2 · Rust +2
Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 6.0.2 Wasmtime versions prior to 7.0.1 Wasmtime versions prior to 8.0.1 Description: Wasmtime's implementation of managing per-instance state contains LLVM-level undefined behavior, which can cause runtime-level...
SUSE CVE-2014-9751
The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...
[SECURITY] Fedora 35 Update: golang-github-google-wire-0.4.0-6.fc35
Wire is a code generation tool that automates connecting components using dependency injection. Dependencies between components are represented in Wire as function parameters, encouraging explicit initialization instead of global variables. Because Wire operates without runtime state or reflectio...
GHSA-82V2-F875-73G9 Wildfly Authorization Misconfiguration
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
Wildfly Authorization Misconfiguration
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
Design/Logic Flaw
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
CVE-2014-9751
The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...
DEBIAN-CVE-2014-9751
The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...
Fedora 17 : hostapd-0.7.3-9.fc17 (2012-9137)
Remove hostapd-specific runtime state directory Fixup typo in pid file path in hostapd.service Add BuildRequires for systemd-units Fixup typo in configuration file path in hostapd.service Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 16 : hostapd-0.7.3-9.fc16 (2012-9206)
Remove hostapd-specific runtime state directory Fixup typo in pid file path in hostapd.service Fixup typo in configuration file path in hostapd.service Tighten-up default permissions for hostapd.conf CVE-2012-2389 Add BuildRequires for systemd-units Fixup typo in configuration file path in...