318 matches found
CVE-2019-11270
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess...
CVE-2019-5295
Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125C00E125R2P14T8 have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This...
CVE-2019-5295
Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125C00E125R2P14T8 have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This...
Migrating VAO 1.0 Deployment to Version 2.0
Challenge Upgrade of Veeam Availability Orchestrator to version 2.0 is not supported. However, you have an option to migrate your VAO 1.0 configuration to version 2.0 with minimal downtime. This KB article briefly describes architectural changes introduced in 2.0 version and provides step-by-step...
GNU Binutils libiberty heap buffer overflow vulnerability (CNVD-2019-22417)
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives...
UBUNTU-CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...
CVE-2018-15761
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their...
Homebrew: GitHub API Key for BrewTestBot is publicly exposed
Hello! While browsing through some old reports, I found that https://jenkins.brew.sh was publicly accessible. I got curious when I saw one of the brew bottle builds doing a git push to BrewTestBot/homebrew-core, and wondered if the credentials to make authenticated pushes were accessible. Sure...
DEBIAN-CVE-2018-11693
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skipoverscopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service...
CVE-2018-10550
In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to...
CVE-2018-10550
In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to...
CVE-2018-10550
In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to...
CVE-2018-7996
Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programScopes description parameter...
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
Exploit for windows platform in category dos / poc / Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: / // Enable the flag using '\n'.repeat0x1000 evalfunction f with function printf; ; ; +...
Microsoft Edge Chakra Deferred Parsing
Microsoft Edge: Chakra: Deferred parsing makes wrong scopes 2 CVE-2018-0775 Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: // Enable the flag using '\n'.repeat0x1000 evalfunction f with function...
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
/ Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: / // Enable the flag using '\n'.repeat0x1000 evalfunction f with function printf; ; ; + '\n'.repeat0x1000; PoC 2: // ./ch poc.js -ForceDeferParse...
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes 2 / Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: / // Enable the flag using '\n'.repeat0x1000 evalfunction f with function printf; ; ; +...
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes GetFuncExprNameReference || funcInfo-funcExprScope && funcInfo-funcExprScope-GetIsObject ... Js::RegSlot ldFuncExprDst = sym-GetLocation; this-mwriter.Reg1Js::OpCode::LdFuncExpr, ldFuncExprDst; if sym-IsInSlotfuncInfo Js::RegSlot...
CVE-2016-5172
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code...
CVE-2016-5172
CVE-2016-5172 : The V8 parser used in Google Chrome/Chromium mishandles scopes, enabling a remote attacker to obtain sensitive information from arbitrary memory locations via crafted JavaScript. Affected product scope includes Google Chrome and Chromium builds prior to 53.0.2785.113. Remediation ...