Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the OpenWire protocol when an authenticated user with the createDurableQueue permission but without the createAddress permission attempts to create a non-durable JMS topic subscription on a non-existent addres...

The vulnerability of HashiCorp’s Vault and Vault Enterprise archiving platforms for corporate information lies in improper validation or processing of exceptional conditions, allowing attackers to trigger service failures.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms relates to the improper handling of requests originating from unauthorized IP addresses. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVE-2024-6468

Vault and Vault Enterprise did not properly handle requests originating from unauthorized IP addresses when the TCP listener option, proxyprotocolbehavior, was set to denyunauthorized. When receiving a request from a source IP address that was not listed in proxyprotocolauthorizedaddrs, the Vault...

Hikvision HikCentral Professional Security Vulnerability

Hikvision HikCentral is a security management software from Hikvision China. A security vulnerability exists in Hikvision HikCentral Professional V2.5.1 and prior versions, which stems from insufficient server-side authentication and could allow an attacker to access certain URLs that they should...

Unrestricted Access to setRoyalty Function

Lines of code Vulnerability details Impact Severity: High Likelihood: High Description The setRoyalty function in the ERC2981CollectionRoyalties contract can be called by anyone. This function is used to set the royalty information for a specific token ID. However, because there are no access...