1439 matches found
SAP Business Planning and Consolidation Code Issue Vulnerability
SAP Business Planning and Consolidation is business planning and consolidation software from SAP (Germany). The software provides budgeting, forecasting, and financial consolidation capabilities. A code issue vulnerability exists in SAP Business Planning and Consolidation version 200, version 30...
SAP BusinessObjects Business Intelligence Platform Code Issue Vulnerability
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration, data management, and business intelligence (BI) products to eliminate system integration challenges and enable fast, ea...
GSD-2023-1001873 efi: fix potential NULL deref in efi_mem_reserve_persistent
efi: fix potential NULL deref in efi_mem_reserve_persistent. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
WordPress plugin Enable Media Replace Code Issue Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP that supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...
AddressRegistry can associate same CID to different addresses at the same time
Lines of code Vulnerability details The AddressRegistry contract can associate a CID NFT to an account address. As stated in the contest, the CID NFT can be transferred out of the account that registered it. However, once transferred it can be registered again while keeping the previous...
Upgraded Q -> 2 from #862 [1675430218943]
Judge has assessed an item in Issue 862 as 2 risk. The relevant finding follows: L-1 Function requireNextActiveMultisig always returns the first Multisig Affected code MultisigManager.requireNextActiveMultisig is supposed to return the next enabled Multisig. However it always returns the first...
_squeezeDrips() passed the amount argument in place of amtPerSec for the _addDeltaRange, causing either underflow or the sender losing lots of fund!
Lines of code Vulnerability details Impact _squeezeDrips passes the amount argument in place of amtPerSec to its callee _addDeltaRange in the following line: `_addDeltaRange(state, cycleStart, cycleStart + 1, -int256(amt * _AMT_PER_SEC_MULTIPLIER));` The last...
FastCMS Code Issue Vulnerability
FastCMS is a content management system from FastCMS. A code issue vulnerability exists in FastCMS version 0.1.0, which stems from unknown handling in the Template Management component, resulting in unrestricted uploads...
Any user is able to mint a new receipt/ticket tokens
Lines of code Vulnerability details Impact In the RabbitHoleReceipt and RabbitHoleTickets contracts, minterAddress should be the only account allowed to mint a new token, but due to an error in the onlyMinter modifier any user is able to mint new tokens without permission. The impact of...
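The listing does not show what the error in the modifier is. The added example below, which is not the RabbitHole code, assumes the most common shape of this bug: an access-control condition that is evaluated as a bare expression instead of being enforced, so the modifier never reverts. Contract names and the mint function are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not the audited RabbitHoleReceipt code. The exact defect in
// the audited modifier is not shown on this page; the shape below is an assumption.
contract ReceiptVulnerable {
    address public minterAddress;
    uint256 public nextId;
    mapping(uint256 => address) public ownerOf;

    constructor(address minter) { minterAddress = minter; }

    // BUG: a comparison used as a statement has no effect. The compiler only warns,
    // and the modifier falls through to `_;` for every caller.
    modifier onlyMinter() {
        msg.sender == minterAddress;
        _;
    }

    function mint(address to) external onlyMinter returns (uint256 id) {
        id = nextId++;
        ownerOf[id] = to;
    }
}

contract ReceiptFixed {
    address public minterAddress;
    uint256 public nextId;
    mapping(uint256 => address) public ownerOf;

    error NotMinter(address caller);

    constructor(address minter) { minterAddress = minter; }

    // FIX: the condition is enforced; any caller other than minterAddress reverts.
    modifier onlyMinter() {
        if (msg.sender != minterAddress) revert NotMinter(msg.sender);
        _;
    }

    function mint(address to) external onlyMinter returns (uint256 id) {
        id = nextId++;
        ownerOf[id] = to;
    }
}
```

A unit test that calls `mint` from a non-minter address and expects a revert catches this class of bug; treating the compiler's "statement has no effect" warning as an error in CI catches it earlier.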
User can open position without depositing tokens
Lines of code Vulnerability details Impact A user can mint long/short tokens without depositing anything. This is because the function on LN 172 doesn't check the contents of the data returned by the token transfer call, and the function doesn't verify that the contract has indeed received the expected...
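The two missing checks named in the finding, shown side by side in an added example that is not the audited contract: the vulnerable form discards the result of the transfer call, while the fixed form checks the returned data and then verifies the balance delta. The contract and function names are hypothetical, and the deposit is reduced to a single ERC-20 transferFrom.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function balanceOf(address who) external view returns (uint256);
}

// Added illustration; PositionVulnerable and PositionFixed are hypothetical names.
contract PositionVulnerable {
    IERC20 public immutable collateral;
    mapping(address => uint256) public position;

    constructor(IERC20 token) { collateral = token; }

    // BUG: the success flag and return data of the low-level call are discarded.
    // A token that returns false, or a call that reverts, still credits a position.
    function open(uint256 amount) external {
        address(collateral).call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, msg.sender, address(this), amount)
        );
        position[msg.sender] += amount;
    }
}

contract PositionFixed {
    IERC20 public immutable collateral;
    mapping(address => uint256) public position;

    constructor(IERC20 token) { collateral = token; }

    function open(uint256 amount) external {
        uint256 before = collateral.balanceOf(address(this));
        (bool ok, bytes memory data) = address(collateral).call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, msg.sender, address(this), amount)
        );
        // Check 1: the call succeeded and, if it returned anything, returned true.
        // Some tokens return no data at all, which is why the length check exists.
        require(ok && (data.length == 0 || abi.decode(data, (bool))), "transferFrom failed");
        // Check 2: the contract actually holds the tokens it was promised. A
        // fee-on-transfer token can pass check 1 while delivering less than amount.
        uint256 received = collateral.balanceOf(address(this)) - before;
        require(received == amount, "unexpected amount received");
        position[msg.sender] += received;
    }
}
```

In practice the first check is what OpenZeppelin's SafeERC20 wrappers do; the balance-delta check is the one that also defends against tokens whose transfer semantics are non-standard.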
user funds loss in withdraw() of StRSR because code don't revert when calculated rsrAmount is zero
Lines of code Vulnerability details Impact The withdraw function in StRSR completes an account's unstaking, but when the calculated amount of RSR is 0 the code still burns the user's draftRSR and returns. This causes small user deposits to be burned while the user receives no funds. As withdr...
function withdraw() in StRSR won't update contract state (totalDrafts) in all cases which can cause wrong fund distribution and fund stucking in the contract
Lines of code Vulnerability details Impact The withdraw function completes an account's unstaking: it transfers the user's draft withdrawals and updates totalDrafts. But when the calculated rsrAmount is 0 the code returns early and does not update totalDrafts, which causes wrong calculations because those draft items were removed...
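Both findings above describe the same early-return path in withdraw, so one added example serves both. It is a simplified illustration, not the StRSR code: draft bookkeeping is collapsed to one struct per account, the draft-to-RSR rate is a single settable number, and the payout is stubbed. The names draftRSR, totalDrafts and rsrAmount follow the findings; everything else is assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added, simplified illustration of the withdraw() defect; not the StRSR contract.
contract DraftsVulnerable {
    struct Draft { uint192 draftRSR; uint256 availableAt; }
    mapping(address => Draft) public drafts;
    uint192 public totalDrafts;
    uint192 public draftRate; // drafts per RSR, scaled by 1e18 (assumed for the example)

    constructor(uint192 rate) { draftRate = rate; }

    function stake(uint192 draftRSR, uint256 delay) external {
        drafts[msg.sender] = Draft(draftRSR, block.timestamp + delay);
        totalDrafts += draftRSR;
    }

    function withdraw(address account) external {
        Draft memory d = drafts[account];
        require(d.availableAt <= block.timestamp, "withdrawal unavailable");
        // Small draftRSR at a high draftRate rounds down to zero RSR.
        uint192 rsrAmount = uint192(uint256(d.draftRSR) * 1e18 / draftRate);
        delete drafts[account];
        // BUG: the account's drafts are already gone, nothing is paid out, and
        // totalDrafts still counts them, so later distributions are computed
        // against a total that no longer matches the sum of outstanding drafts.
        if (rsrAmount == 0) return;
        totalDrafts -= d.draftRSR;
        _payout(account, rsrAmount);
    }

    function _payout(address, uint192) internal {}
}

contract DraftsFixed {
    struct Draft { uint192 draftRSR; uint256 availableAt; }
    mapping(address => Draft) public drafts;
    uint192 public totalDrafts;
    uint192 public draftRate;

    constructor(uint192 rate) { draftRate = rate; }

    function stake(uint192 draftRSR, uint256 delay) external {
        drafts[msg.sender] = Draft(draftRSR, block.timestamp + delay);
        totalDrafts += draftRSR;
    }

    function withdraw(address account) external {
        Draft memory d = drafts[account];
        require(d.availableAt <= block.timestamp, "withdrawal unavailable");
        uint192 rsrAmount = uint192(uint256(d.draftRSR) * 1e18 / draftRate);
        // FIX: refuse to complete an unstaking that pays nothing, instead of
        // silently burning the drafts; the state update and payout stay paired.
        require(rsrAmount > 0, "withdrawal rounds to zero");
        delete drafts[account];
        totalDrafts -= d.draftRSR;
        _payout(account, rsrAmount);
    }

    function _payout(address, uint192) internal {}
}
```

The invariant worth asserting in a test is that totalDrafts always equals the sum of every account's draftRSR; the vulnerable contract breaks it on the first zero-amount withdrawal.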
Proficy Historian Code Issue Vulnerability
GE Digital Proficy Historian is a data collection and storage analysis tool from GE Digital. A code issue vulnerability exists in Proficy Historian v7.0 and prior versions, which arises from a code issue that allows an unauthorized user to change or write files with ful...
CVE-2023-22357
Active debug code exists in OMRON CP1L-EL20DR-D, all versions, which may allow a command not specified in the FINS protocol to be executed without authentication. A remote unauthenticated attacker may read from or write to arbitrary areas of device memory, which may lead to overwriting the...
Talend Open Studio for MDM Code Issue Vulnerability
Talend Open Studio for MDM is open source software from Talend. It provides master data management, data management, integration and data quality in a single platform. A code issue vulnerability exists in Talend Open Studio for MDM that stems from unknown code in the component XML...
Incorrect management of requested gas amount in EIP-4337 logic
Lines of code Vulnerability details Description According to EIP-150, a call can consume at most 63/64 of the parent call's gas. That means it is possible to manipulate the gas amount passed into the calls mentioned in the "Links to affected code" section. Specifically, if the amount of gas...
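The 63/64 rule is easy to mis-handle because `target.call{gas: g}(...)` does not revert when less than `g` is available; it silently forwards min(g, 63/64 of what is left). The added example below, which is not the audited EIP-4337 code, shows a forwarder with and without the up-front check, plus the arithmetic for the minimum outer gas. Contract and function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration of the EIP-150 gas cap; not the audited project's code.
contract GasForwarder {
    error InsufficientGas(uint256 available, uint256 required);

    // BUG: {gas: callGas} is a ceiling, not a guarantee. A caller who supplies just
    // too little outer gas makes the inner call run out of gas while the outer
    // frame keeps 1/64 of its gas and finishes normally, so the inner failure is
    // recorded as if the target itself had failed with the gas it requested.
    function executeVulnerable(address target, bytes calldata data, uint256 callGas)
        external
        returns (bool ok)
    {
        (ok, ) = target.call{gas: callGas}(data);
    }

    // FIX: verify before the CALL that callGas survives the 63/64 cap. The gas
    // burned between this check and the CALL opcode is small but non-zero, so
    // callers should keep a margin; the exact overhead is implementation-specific.
    function executeChecked(address target, bytes calldata data, uint256 callGas)
        external
        returns (bool ok)
    {
        uint256 available = gasleft();
        if (available * 63 / 64 < callGas) revert InsufficientGas(available, callGas);
        (ok, ) = target.call{gas: callGas}(data);
    }

    // Minimum gasleft() at the CALL so that the inner call receives callGas:
    // need available * 63 / 64 >= callGas, i.e. available >= ceil(callGas * 64 / 63).
    function minOuterGasFor(uint256 callGas) external pure returns (uint256) {
        return (callGas * 64 + 62) / 63;
    }
}
```

For callGas = 63,000 the helper returns 64,000: with exactly that much left, 63/64 of it is 63,000 and the inner call gets what it asked for; with one unit less the cap bites.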
iText Code Issue Vulnerability
iText is an open source library for creating and manipulating PDF files in Java, written by Bruno Lowagie, Paulo Soares and others. A code issue vulnerability exists in iText RUPS. An attacker can exploit this vulnerability to trigger XML external entity (XXE) references...
Ampache Code Issue Vulnerability
Ampache is a web-based audio/video application and file manager. A code issue vulnerability exists in Ampache versions prior to 5.5.6 that stems from unrestricted upload of dangerous file types...
Reentrancy attack allows to get loan for free
Lines of code Vulnerability details Impact A reentrancy attack allows a loan to be obtained for free when startLiquidationAuction is called on the last collateral token. Proof of Concept When a user has bad debt, anyone can start an auction for their NFT. To purchase the token, the liquidator can call...
in add function forgot to add not zero for minimum lp
Lines of code Vulnerability details Impact Problems in the calculation of the system. Proof of Concept `require(baseTokenAmount > 0 && fractionalTokenAmount > 0, "Input token amount is zero");` Tools Used Manual review. Recommended Mitigation Steps Add checks like basetoken...