Check CVE Id
Check CWE Id
Sorry. No results for Bugtraq WLB2
CVEMAP Search Results
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.
In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. In version 0.3.1 and prior, bytestrings can have dirty bytes in them, resulting in the word-for-word comparisons giving incorrect results. Even without dirty nonzero bytes, two bytestrings can compare to equal if one ends with `"\x00"` because there is no comparison of the length. A patch is available and expected to be part of the 0.3.2 release. There are currently no known workarounds.
On BIG-IP versions 15.1.x before 15.1.4, 14.1.x before 184.108.40.206, 13.1.x beginning in 220.127.116.11, 18.104.22.168-12.1.6, and 22.214.171.124, when a FastL4 profile and an HTTP, FIX, and/or hash persistence profile are configured on the same virtual server, undisclosed requests can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a DOS attack.
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1454 (MR3); 8.20 versions prior to 8.20.1291 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
inflect is vulnerable to Inefficient Regular Expression Complexity
Back to Top