208 matches found
Design/Logic Flaw
User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...
Missing pause check in transferAssetToNodeDelegator()
Lines of code Vulnerability details Summary The function transferAssetToNodeDelegator present in the LRTDepositPool contact ignores the contract's pause state. Impact The LRTDepositPool contract contains a functionality to pause the contract in case of an emergency. 208: function pause external...
Out-of-bounds
Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...
Missing deadline checks
Lines of code Vulnerability details Consider addings implementation to handle the expiration of the transaction for additional security. To implement a transaction expiration mechanism in the emergencyWithdraw add a timestamp check to ensure that the transaction is executed only within a certain...
Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.
Beijing Qixingchen Information Security Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the 4A Unified Security Control Platform of Beijing Qixingchen Information Security...
CVE-2023-40729
CVE-2023-40729 affects Siemens QMS Automotive: all versions prior to V12.39 are vulnerable due to unencrypted (HTTPS-free) communications, enabling MITM manipulation or theft of confidential data. Connected documents confirm the issue in QMS Automotive and specify the root cause as lack of securi...
Sponsor function allows voiding some elses chance to win
Lines of code Vulnerability details Impact Anyone can delegate someone elses balance to the sponsorship address, increasing their own likelihood of winning, while voiding the victims chance. Proof of Concept The issue is in the call-chain starting with Vault.sponsor: //Vault function sponsoruint2...
Able to change username that is by default unchangeable
Description The website receives input from the user that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified. Proof of Concept Step 1: We have a user with ID 18833 and the...
What are the impacts of FedRAMP® Rev. 5?
The FedRAMP PMO released the final Rev. 5 security control baselines and transition guidance for cloud service providers CSPs who have achieved authorization to operate ATO and those still in the planning stages. All CSPs should review the guidance as soon as possible and start developing a plan...
CVE-2023-34108
mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted...
The Importance of Managing Your Data Security Posture
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do...
CVE-2023-32677
CVE-2023-32677 (Zulip) affects Zulip Server 6.1 and earlier, where the UI for inviting a new user could let the inviter configure which streams the new user is invited to, potentially granting invitations to streams the inviter could not add users to. The underlying issue is a mismatch between wh...
Symantec Endpoint Protection Client < 14.3 RU5 Security Control Bypass
The version of Symantec Endpoint Protection Client SEP installed on the remote host is prior to 14.3 RU5 Patch 1. It is therefore affected by a Security Control Bypass if Client User Interface Password protection and/or Policy Import/Export Password protection is enabled. CVE-2022-37017 Note that...
Internet Bug Bounty: CVE-2023-23915: HSTS amnesia with --parallel
Multiple transfers in parallel using curl's HSTS cache saving feature resulted in the cache file being overwritten by the most recently completed transfer, causing a later HTTP-only transfer to the earlier hostname to not get upgraded properly to HSTS, leading to a bypass of intended security...
Internet Bug Bounty: CVE-2023-23914: HSTS ignored on multiple requests
Multiple requests made using curl's HSTS functionality ignored the HTTPS protocol and used an insecure clear-text HTTP step instead. This was due to the state not being properly carried on, allowing the bypass of intended security controls. The vulnerability was assigned CVE-2023-23914 and had a...
Symantec Endpoint Protection Manager < 14.3 RU5 Security Control Bypass (deprecated)
This plugin has been deprecated. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2009/04/02. Deprecated by symantecendpointprotclient143RU5P1.nasl. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid169425; scriptversion"1.3";...
CVE-2022-37017
Symantec Endpoint Protection Windows agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User...
Security feature bypass
Symantec Endpoint Protection Windows agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User...
CVE-2022-37017
Symantec Endpoint Protection Windows agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User...
CVE-2022-37017
Symantec Endpoint Protection Windows agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User...