23 matches found
CVE-2026-49000
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...
CVE-2022-31754
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features...
EUVD-2022-53150
Malicious code in bioql PyPI...
CVE-2024-51997 The Attestation Results Token can be arbitrarily modified without being detected in Trustee
Trustee is a set of tools and components for attesting confidential guests and providing secrets to them. The ART (Attestation Results Token) token, generated by AS, could be manipulated by a MITM attacker, but the verifier (CoCo Verification Demander) like KBS could still verify it successfully. In th...
Monero: [Monero wallet RPC] File precreation to file ownership and credentials leak
The Monero wallet RPC was found to have a vulnerability in the file creation process that could lead to potential credential leakage. The issue was located in the wallet_rpc_server::init method, where a file was created without using the O_EXCL flag, allowing an attacker to pre-create the file and...
the protocol using 3% GBC instead of 2%
Lines of code Vulnerability details Impact the protocol using 3% GBC instead of 2% as they mentioned in their docs, this may cause problem in the code implementation because the logic is based on 2% but the protocol allowing to use 3% of GBC. Proof of Concept the line that it mentioned that the...
CVE-2023-22460 go-ipld-prime json codec may panic if asked to encode bytes
go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, a batteries-included set of codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Encoding data which contains a Bytes kind Node will pass a Bytes token to the JSON...
CVE-2022-31754
Technical details (affected products, root cause, versions, or exploit information) are not provided in the supplied documents. Monitor for updates from vendors (e.g., Huawei, Red Hat) for concrete remediation and impact.
[WP-M2] Wrong implementation of TurboSafe.sol#less() may cause boosted record value in TurboMaster bigger than actual lead to BoostCapForVault and BoostCapForCollateral to be permanently occupied
Lines of code Vulnerability details // Get out current amount of Fei debt in the Turbo Fuse Pool. uint256 feiDebt = feiTurboCToken.borrowBalanceCurrent(address(this)); // If our debt balance decreased, repay the minimum. // The surplus Fei will accrue as fees and can be sweeped. if feiAmount feiDebt...
Xen security vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. There is a security vulnerability in xen tha...
Mozilla Thunderbird SQL injection vulnerability
Mozilla Thunderbird is an e-mail client from the United States Mozilla Foundation, independent of the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. Mozilla Thunderbird suffers from an SQL injection vulnerability that...
jsonpointer type obfuscation vulnerability
jsonpointer is an open source package for simple JSON addressing. jsonpointer suffers from a security vulnerability that stems from improper design or implementation during the development of code for a web-based system or product. No details of the vulnerability are currently available...
Facebook HHVM path traversal vulnerability
Facebook HHVM (a.k.a. HipHop Virtual Machine) is a virtual machine from Facebook Inc. that significantly improves the performance of loading dynamic pages in PHP. HHVM suffers from a path traversal vulnerability that stems from improper design or implementation during code development of a networke...
Samsung Mobile Device buffer error vulnerability
Samsung Mobile Device is a series of mobile smart devices from Samsung, a South Korean company. A security vulnerability exists in the Samsung Mobile Device, which arises from an improperly designed or implemented network system or product code development process...
CVE-2018-13625
The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
tcp(port&seq) backdoor
Author: slashd What is this? An implementation of a covert channel for transmitting data to a server using standard fields, in our case the SEQ and Source Port fields of the TCP header. Theoretical part. Covert data transmission using the TCP header can be implemented in several ways. The client (the hacker) initiating...