CVE-2023-23546

A misconfiguration vulnerability exists in the urvpnclient functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

If frontend == address(0), 10% of the ticket price is not used as intended

Lines of code Vulnerability details Impact The function buyTickets, has no check that frontend is not equal to zero address. This is possible if there was some misconfiguration from the frontend side or a player uses this function directly and does not set any address. In this case, the user...

Web Censorship Systems Can Facilitate Massive DDoS Attacks

Researchers are warning internet censorship systems are ripe for abuse by a new type of distributed denial of service DDoS attack. The potential for abuse is concerning, researchers say, because attacks would take advantage of a type of reflection and amplification, which would be “extremely...

NETGEAR has an unspecified vulnerability

The NETGEAR D3600 and NETGEAR D6000 are both a wireless modem from NETGEAR. A security vulnerability exists in the NETGEAR D3600 prior to version 1.0.0.76 and the D6000 prior to version 1.0.0.76, which stems from a misconfiguration of security settings. No details of the vulnerability are availab...

Google Android System Information Disclosure Vulnerability (CNVD-2019-31048)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components. There is an information disclosure vulnerability in System in Android Q. The vulnerability arises from errors in the configuration of a networked...