Buffer overflow

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parsehellosubtlv, parseihusubtlv, and parseupdatesubtlv in babeld/message.c...

UBUNTU-CVE-2022-26128

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babelpacketexamin function in babeld/message.c...

apache-httpclient: incorrect handling of malformed authority component in request URIs

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

GSD-2022-1000602 btrfs: defrag: fix wrong number of defragged sectors

btrfs: defrag: fix wrong number of defragged sectors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.5 by commit...

CVE-2022-26128

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babelpacketexamin function in babeld/message.c...

WebHMI 4.1.1 Remote Code Execution Exploit

Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...

rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source

A flaw was found in the way Bundler determined the source repository when installing dependencies of source-restricted gem packages. In configurations that use multiple gem repositories and explicitly define from which source repository certain gems are to be installed, a dependency of a...

PT-2022-13320

Name of the Vulnerable Software and Affected Versions url-parse versions prior to 1.5.7 Description The issue allows for authorization bypass through a user-controlled key. A specially crafted URL with an '@' sign but empty user info and no hostname, when parsed with url-parse, will return the...

CVE-2022-23158

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server...

rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source

A flaw was found in the way Bundler determined the source repository when installing dependencies of source-restricted gem packages. In configurations that use multiple gem repositories and explicitly define from which source repository certain gems are to be installed, a dependency of a...

Race condition

HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6...

Hashicorp Nomad 竞争条件问题漏洞

Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler from Hashicorp, USA. The program supports the deployment of microservices, batch, containerized and non-containerized applications. A Competing Conditions Issue vulnerability exists in HashiCorp Nomad and Nomad...

TLS certificate validation error

In mellium.im/xmpp, an attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because the wrong host name is selected during this verification...

Cvx3CrvOracle.sol _peek() returns wrong units

Handle sirhashalot Vulnerability details Impact The Cvx3CrvOracle.sol contract claims it "provides current values for Cvx3Crv". When getting the current values, "only cvx3crvid and ethId are accepted as asset identifiers" for the base and quote parameters to the peek and get functions. peek and g...

Mageia: Security Advisory (MGASA-2019-0418)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0199-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0199-1 advisory. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox...

CVE-2021-21996

An Exposure of Resource to Wrong Sphere flaw was found in Salt. This flaw allows a user who has control of the source and sourcehash URLs to gain full file system access as root on a Salt minion...

UBUNTU-CVE-2022-22748

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

[WP-H39] PoolTemplate.sol#resume() Wrong implementation of resume() will compensate overmuch redeem amount from index pools

Handle WatchPug Vulnerability details Root Cause Wrong arithmetic. uint256 deductionFromIndex = debt totalCredit MAGICSCALE1E6 / totalLiquidity; uint256 actualDeduction; for uint256 i = 0; i 0 uint256 shareOfIndex = credit MAGICSCALE1E6 / totalCredit; uint256 redeemAmount = divCeil...

Krisp: Add more seats by paying less via PUT /v2/seats request manipulation

Summary: I could not fully test this vulnerability because the test plan must be completed for the payment process, that is, 30 days. But the price value in api also changes and if payment is made according to this value, wrong billing will occur. The annual pro option for Team plan billing is $6...