logic flaw vulnerabilities and exploits

(subscribe to this query)

In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Google Android -

1 Article

In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Google Android -

1 Article

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 up to and including 8.11.2, from 9.0.0 prior to 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was ...

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Google Android -

2 Articles

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branch...

Heimdal Project Heimdal 7.7.1 Heimdal Project Heimdal 7.8.0

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (prior to 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local ...

Linux Linux Kernel 5.10 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0 Redhat Enterprise Mrg 2.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0 Netapp Cloud Backup -Netapp Solidfire Baseboard Management Controller Firmware -Netapp H410c Firmware -

File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: fro...

Apache Software Foundation Apache Struts

8 Github repositories3 Articles

In International Color Consortium DemoIccMAX prior to 85ce74e, a logic flaw in CIccTagXmlProfileSequenceId::ParseXml in IccXML/IccLibXML/IccTagXml.cpp results in unconditionally returning false.

A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.

Moodle Moodle Moodle Moodle 4.0.0 Redhat Enterprise Linux 8.0 Fedoraproject Fedora 34 Fedoraproject Fedora 35 Fedoraproject Fedora 36

1 Github repository

Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for ...

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook