10 matches found
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from issues with hash calculations. This vulnerability may cause rules that use address-range syntax to be silently discarded, resulting in unexpected behaviors...
CVE-2024-54135 Untrusted Deserialization in ClipBucket-v5 Version 2.0 to 5.5.1 Revision 199
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/photoupload.php within the decodekey function. User inputs were supplied to this function...
Improper Validation Of Non-deterministic Behavior
github.com/cosmwasm/wasmd is vulnerable to Improper validation of non-deterministic behavior. The vulnerability is due to the incorrect marking of the SmartContractState query as safe, which may cause non-deterministic outcomes across different nodes. Attackers can potentially exploit this...
Return values not being checked
Lines of code Vulnerability details Return values not being checked Impact Return values not being checked may lead into unexpected behaviors with functions. Not events/Error are being emitted if that fails, so functions would be called even of not being working as expect as for example...
CVE-2022-0815
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libexif vulnerability (USN-4624-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4624-1 advisory. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviour...
Ubuntu: Security Advisory (USN-4624-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Insecure Error Handling
github.com/ory/fosite does not securely handle errors from the server. The TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid and may lead to unexpected behaviors in the server...
CVE-2020-3175
A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper resource usage control. An...
Rockstar Games: Control Character Injection In Messages
This report involved the injection of control characters, such as Null Byte 0x00, into vulnerable fields in the Message endpoints in order to cause unexpected, harmful behaviors. Our solution was to both block control characters from being saved on the backend when included in user-input, as well...