[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254845 Download | Alert*

Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.

Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to v2.0.1.

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.

An Authorization Bypass vulnerability was found in MB Connect Lines��mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual version <= 2.13.3.��An authenticated remote user with low privileges can change the password of any user in the same account. This allows to take over the admin user and therefore fully compromise the account.

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive data of other application users and data that should only be viewed by the administrator. This is possible because the application is vulnerable to IDOR, it does not properly validate user permissions with respect to certain actions the user can perform.

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.


Pages:      Start    25359    25360    25361    25362    25363    25364    25365    25366    25367    25368    25369    25370    25371    25372    ..   25484

© SecPod Technologies