The vulnerability of the libssh2 library, which implements Git methods in C language using Libgit2, allows a attacker to perform a type of “man-in-the-middle” attack.

The vulnerability of the libssh2 library, which implements Git methods in C using Libgit2, is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

java-11-openj9,java-1_8_0-openj9: unverified methods can be invoked using MethodHandles

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...

The vulnerability of the CmActLicense component in the CodeMeter license management application allows a violator to rename any files at will.

The vulnerability of the CmActLicense component in the CodeMeter license management application is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to rename arbitrary files remotely...

CVE-2021-22481

There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-22481

There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

Spoofing

There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-22481

Technical details about CVE-2021-22481 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

CVE-2021-22481

There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

The vulnerability of the wswprintf function in the AEAgent.cpp file of the ManageEngine AssetExplorer software, which allows a attacker to trigger a buffer overflow.

The vulnerability of the wswprintf function in the AEAgent.cpp file of the ManageEngine AssetExplorer software for managing IT assets is related to errors during certificate verification. Exploiting this vulnerability could allow a malicious actor to trigger a heap overflow...

The vulnerability of the command-line interface of the StarOS operating system, which allows a hacker to gain increased privileges

The vulnerability of the StarOS command-line interface is related to errors during command input verification. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Microsoft SharePoint Server software, the Microsoft Lync Server and Skype for Business Server messaging applications is related to errors in token verification by Oauth. This vulnerability allows attackers to escalate their privileges.

The vulnerability of the Microsoft SharePoint Server software, the Microsoft Lync Server and Skype for Business Server messaging applications is related to errors in token verification using Oauth. Exploiting this vulnerability can allow attackers to gain increased privileges...

EulerOS Virtualization 3.0.6.0 : edk (EulerOS-SA-2020-1791)

According to the versions of the edk package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by...

CVE-2020-15047

MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers...

The vulnerability in the web interface for managing microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to cause a service failure.

The vulnerability of the web interface for managing Microprogramming-based IP phones from the Cisco SPA100 series is related to errors during the verification of user requests sent to the web management interface. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability in the web interface of the Cisco Integrated Management Controller, a software tool for remote administration of servers, allows a perpetrator to execute arbitrary commands with root privileges.

The vulnerability of the web interface for managing Cisco Integrated Management Controllers involves errors during the verification of data entered by the user in the Certificate Request Service function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with ro...