Lucene search

52 matches found

Code423n4
added 2022/12/16 12:00 a.m., 7 views

LOWER BOUNDARY OF DRAWING TOKEN RANGE IS TOO LOW

Lines of code Vulnerability details Impact The current logic in VRFNFTRandomDraw.sol could lead to undesirable edge cases due to allowing the lower limit of the drawing token range to be as low as 2. It could lead to a long drag before the raffle could end or cancel if one of the drawing tokens i...

AI score: 6.7
Exploits: 0
Samba
added 2022/12/15 12:00 a.m., 71 views

Samba AD DC using Heimdal can be forced to

Description Kerberos, the trusted third party authentication system at the heart of Active Directory, issues a ticket using a key known to the target server but nobody else, returned to the client in a TGS-REP. This key needs to be of a type understood only by the KDC and target server. However,...

CVSS: 9.8, AI score: 9, EPSS: 0.00454
Exploits: 0
OSV
added 2022/12/01 12:00 a.m., 6 views

PUB-A-231583603

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS: 2.4, AI score: 7, EPSS: 0.00165
Exploits: 0, References: 2
Code423n4
added 2022/08/05 12:00 a.m., 4 views

H01: code is not same as intended function description

Lines of code Vulnerability details MIMOAutoAction.sol, 26-38 / @notice Sets a vault automation parameters @dev Can only be called by vault owner @param vaultId Vault id of the vault to be automated @param autoParams AutomatedVault struct containing all automation parameters / function...

AI score: 6.8
Exploits: 0
Code423n4
added 2022/04/27 12:00 a.m., 12 views

Swapper3Crv.sol use the wrong address for sushiswap

Lines of code Vulnerability details Impact This seems to be out of scope, but still worth mentioning. This line should be address sushiSwap = SUSHISWAP;

AI score: 6.9
Exploits: 0
Code423n4
added 2022/02/18 12:00 a.m., 6 views

Seems to be an inattention error

Lines of code Vulnerability details Shouldn't it be mintto, shares; ? Currently the using mint , one would receive as many shares as assets they transfer, which is not the intended behaviour

AI score: 6.9
Exploits: 0
BDU FSTEC
added 2021/07/07 12:00 a.m., 3 views

The vulnerability of the software for creating a private virtual network, astra-openvpn-server, related to code errors, allows an intruder to trigger a service failure.

The vulnerability of the software used to create the private virtual network astra-openvpn-server is related to a code error that prevents the /etc/openvpn/keys/ directory from being created. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS: 3.5, AI score: 5.6
Exploits: 0, References: 1, Affected Software: 1
BDU FSTEC
added 2021/05/19 12:00 a.m., 1 view

The vulnerability of the User Interface sub-component of the Oracle Projects component in the Oracle E-Business Suite, which allows a malicious individual to gain unauthorized access to the device.

The vulnerability of the User Interface component of the Oracle Projects component in the Oracle E-Business Suite automation system is related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the device through HTTP requests...

CVSS: 8.5, AI score: 6.9, EPSS: 0.00987
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2021/05/19 12:00 a.m., 4 views

The vulnerability of the sub-component Courseware within the Oracle Quoting component of the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the Courseware sub-component of the Oracle Quoting component in the Oracle E-Business Suite system’s enterprise automation activity system is related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the...

CVSS: 8.5, AI score: 6.9, EPSS: 0.00987
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2020/08/12 12:00 a.m., 2 views

The vulnerability of the PPP network protocol implementation, related to errors in the code, allows a perpetrator to increase their privileges.

The vulnerability of the PPP network protocol implementation is related to errors in the code. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS: 5.9, AI score: 5.9, EPSS: 0.00364
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2020/07/14 6:15 p.m., 19 views

CVE-2020-13846

Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...

CVSS: 7.5, AI score: 7
Exploits: 0, References: 5
OSV
added 2020/07/14 6:15 p.m., 2 views

UBUNTU-CVE-2020-13846

Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...

CVSS: 7.5, AI score: 7.1, EPSS: 0.01336
Exploits: 0, References: 4
BDU FSTEC
added 2020/04/10 12:00 a.m., 4 views

The vulnerability of the account.firefox.com component in Firefox web browsers, Firefox ESR, and the Thunderbird email client allows a perpetrator to compromise data integrity or cause service failures.

The vulnerability of the account.firefox.com component in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to an exit code error. Exploiting this vulnerability can allow an attacker to compromise data integrity or cause service failures...

CVSS: 9.3, AI score: 6.9, EPSS: 0.01302
Exploits: 0, References: 12, Affected Software: 7
AlpineLinux
added 2019/10/09 2:17 p.m., 30 views

CVE-2018-5743

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of...

CVSS: 7.5, AI score: 7.9, EPSS: 0.11561
Exploits: 0
BDU FSTEC
added 2016/07/04 12:00 a.m., 2 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Wi-Fi driver for Qualcomm’s Android operating system is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to gain increased privileges through a specially created application...

CVSS: 9.3, AI score: 7.3, EPSS: 0.00421
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2016/07/04 12:00 a.m., 4 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Wi-Fi driver for Qualcomm’s Android operating system is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to gain increased privileges through a specially created application...

CVSS: 9.3, AI score: 7.3, EPSS: 0.00421
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2016/05/23 12:00 a.m., 3 views

The vulnerability of the Flash Player software platform, which allows attackers to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Flash Player software is related to errors in its code. Exploiting this vulnerability can allow a malicious actor to compromise the integrity, accessibility, and confidentiality of information...

CVSS: 7.6, AI score: 7.2, EPSS: 0.08444
Exploits: 0, References: 3, Affected Software: 2
BDU FSTEC
added 2016/05/11 12:00 a.m., 4 views

The vulnerability of the HPE Data Protector backup tool allows a perpetrator to execute arbitrary code.

The vulnerability of the HPE Data Protector backup tool is related to errors in the code. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code...

CVSS: 10, AI score: 8.1, EPSS: 0.20412
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2016/01/26 12:00 a.m., 3 views

The vulnerability of the MySQL database management system allows a hacker to cause a service failure.

The vulnerability of the Server sub-component in the MySQL database management system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the operating system to become unresponsive, or in rare cases, to cause an emergency shutdown...

CVSS: 6.8, AI score: 7.1, EPSS: 0.03245
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2016/01/26 12:00 a.m., 3 views

The vulnerability of the MySQL database management system allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to cause the system to become unresponsive or, in rare cases, to crash through network packets...

CVSS: 4, AI score: 7, EPSS: 0.0309
Exploits: 0, References: 2, Affected Software: 1