Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen...

Accusoft ImageGear 缓冲区错误漏洞

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft Corporation. A buffer error vulnerability exists in Accusoft ImageGear version 20.0 that stems from the presence of an out-of-bounds write. An attacker could exploit the vulnerability to cause memory corruptio...

Exposure of Data Element to Wrong Session

Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session due to the improper handling of user session states. An attacker can escalate privileges and perform...

Set admin emit event with wrong data

Lines of code Vulnerability details Impact emit AdminUpdatedadmin, newAdmin; will emit AdminUpdated with same values. Proof of Concept Tools Used Code analytics Recommended Mitigation Steps store address of admin before --- The text was updated successfully, but these errors were encountered: All...

CVE-2022-26121

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...

Fortinet FortiManager和FortiAnalyzer 安全漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer, both from Fortinet, are a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. The product is mainly used to collect network log data and analyze, report and archive...

DEBIAN-CVE-2021-43980

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

UBUNTU-CVE-2021-43980

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

Upgraded Q -> M from 238 [1664280666405]

Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the self is longer than other File: contracts\dnssec-oracle\BytesUtils.sol 115: function equalsbytes memory self, uint offset, bytes memory other internal pure returns bool 116:...

Upgraded Q -> M from 238 [1664280434191]

Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the length is longer than 32 File: contracts\dnssec-oracle\BytesUtils.sol 44: function comparebytes memory self, uint offset, uint len, bytes memory other, uint otheroffset, uint...

A mistake made by the Minters can result in minting tokens to a wrong address or a zero address.

Lines of code Vulnerability details Impact Tokens can be minted to a wrong address. Proof of Concept The function mintermint is used by the Minters, to mint tokens to the users that successfully used the functions submitAndDeposit, submit and submitAndGive. However there is no check in mintermint...

CVE-2022-0143 LDAP Connector: When startTLS is used then LDAP connector ignores the wrong password

When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management IDM and Remote Connector Server RCS...

GSD-2022-1005144 net: bgmac: Fix a BUG triggered by wrong bytes_compl

net: bgmac: Fix a BUG triggered by wrong bytescompl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...

GHSA-9J4V-PP28-MXV7 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel`

Impact If FakeQuantWithMinMaxVarsPerChannel is given min or max tensors of a rank other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf numbits = 8 narrowrange = False inputs = tf.constant0, shape=4, dtype=tf.float32 min ...

PT-2022-33258 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19.2 through v5.19.8 Description: The issue is related to a wrong last sg check in the sk msg recvmsg function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

parse-url 安全漏洞

parse-url is an advanced url parser with git url support by the individual developer Ionică Bizău. A security vulnerability exists in parse-url prior to version 8.1.0, which stems from the fact that parse-url incorrectly parses the https url that follows it, identifying its protocol as ssh, and...

Hitachi Energy MicroSCADA X SYS600 输入验证错误漏洞

Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. A security vulnerability in Hitachi Energy MicroSCADA X SYS600...

Function getRedeemAmountOut can't deliver was it should be

Lines of code Vulnerability details Proof of Concept The fn of getRedeemAmountOut can't be deliver the same as it should be eversince it has @params uint256 amountIn and return amountIn which clearly should be amountFeiIn. So the calculate would be deliver wrong value. Tools Used Manual Review...

DEBIAN-CVE-2022-0358

A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certa...

IBM OPENBMC Denial of Service Vulnerability

IBM OPENBMC is a simulator from International Business Machines Corporation IBM. IBM OPENBMC versions OP910 and OP940 have a denial-of-service vulnerability that stems from allowing privileged users to upload the wrong site ID book, which could be exploited by an attacker to cause them to lose...