61 matches found
_distributeProfit will use the stale globalIC.swingTraderCollateralDeficit()/swingTraderCollateralRatio(), which will result in incorrect profit distribution
Lines of code Vulnerability details Impact The distributeProfit called by handleProfit will use globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio when distributing profits, and the latest globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio needs to be used to ensure th...
StabilizerNode.stabilize uses stale GlobalImpliedCollateralService data, which will make stabilize incorrect
Lines of code Vulnerability details Impact In StabilizerNode.stabilize, impliedCollateralService.syncGlobalCollateral is called only at the end of the function to synchronize the GlobalImpliedCollateralService data. if !shouldAdjustSupplyexchangeRate, stabilizeToPeg lastStabilize = block.timestam...
The vulnerability in the overwrite.config.php implementation: The $domain parameter of the web application for data synchronization with ownCloud allows attackers to perform spoofing attacks.
The vulnerability of the overwrite.config.php script, where $domain is used for the web application’s data synchronization with ownCloud, is related to configuration errors when processing the OWNCLOUDDOMAIN variable. Exploiting this vulnerability allows a malicious actor to perform spear-phishin...
The vulnerability of the Bifrost data-synchronization software is related to deficiencies in the authentication process, which allows attackers to elevate their privileges.
The vulnerability of the Bifrost data-synchronization software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges...
Vulnerabilities fixed in IBM QRadar SIEM
Vulnerabilities have been fixed in the IBM QRadar Data Synchronization App for IBM QRadar SIEM. The vulnerabilities are are in underlying software and libraries, such as Node.js and SQLite. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the...
CVE-2021-32728
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a privat...
Hebei OuRun TianTeng YunMengBar Network Studio YMBCMS Command Execution Vulnerability
YMBCMS is one of the self-developed products under Hebei OuRun TianTeng YunMengBar Network Studio.YMBCMS integrates computer station, cell phone station, WeChat public platform, small program, APP in one, sharing space, data synchronization and so on. Hebei OuRunTianTeng YunMengBar Network Studio...
The vulnerability of the data synchronization module at any time, triggered by user requests or by a special scheduler utility “LOCMAN Master Synchronization” of the engineering data and product lifecycle management system LOCMAN. This vulnerability is related to the unlimited loading of dangerous type files, allowing attackers to execute arbitrary code.
The vulnerability of the data synchronization module at any time, triggered by user requests or by special planning tools like “LOZMAN Master Synchronization” of the Engineering Data and Product Lifecycle management system LOZMAN, is related to the unlimited loading of dangerous files. Exploiting...
The vulnerability of the DxgkDdiEscape function in the NVIDIA GeForce, Quadro, and Tesla graphics processor software, related to errors in synchronizing common data, allows attackers to cause system failures, increase their privileges, or disclose sensitive information.
The vulnerability of the DxgkDdiEscape function in the NVIDIA GeForce, Quadro, and Tesla graphics processing unit software is related to errors during the synchronization of common data. Exploiting this vulnerability can allow an attacker to cause system failures, increase their privileges, or...
How To Troubleshoot And Fix The Situation When The ADM HA Is Not Working
One of the possible error conditions reported in the deployment is where in the GUI System - Deployment the following symptoms are reported: Heartbeats are not received from the secondary Data synchronization has failed on secondary Apart of the information displayed in GUI on primary node, there...
Easy!Appointments v1.2.1 Multiple Stored XSS Vulnerabilities
Summary Easy!Appointments is a highly customizable web application that allows your customers to book appointments with you via the web. Moreover, it provides the ability to sync your data with Google Calendar so you can use them with other services. It is an open source project and you can...
The vulnerability of the web application for data synchronization with ownCloud allows a attacker to reinstall the application or execute arbitrary code.
The vulnerability of the routing subsystem of the web application for data synchronization with ownCloud exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to reinstall the application or execute arbitra...
The vulnerability of the web application for data synchronization with ownCloud allows a hacker to circumvent existing access restrictions and gain access to users’ files.
The vulnerability of the virtual file system of the web application for data synchronization with ownCloud is related to the lack of data validation during data retrieval. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and gain access to user files b...
The vulnerability of the web application for data synchronization with ownCloud allows a hacker to inject arbitrary web or HTML code.
The vulnerability of the web application for data synchronization with ownCloud exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code using special symbols within the file name...
The vulnerability of the web application for data synchronization with ownCloud allows a attacker to execute arbitrary SMB commands.
The vulnerability of the driver for the external SMB storage device used by web applications for data synchronization with ownCloud exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a maliciou...
Tails 1.7 - The Amnesic Incognito Live System
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity , and helps you to: use the Internet anonymously and circumvent censorship ; all connections to the Internet are forced to go through the...
Decentralized P2P Websites: ZeroNet
Decentralized P2P websites using Bitcoin crypto and the BitTorrent network ZeroNet uses Bitcoin cryptography and BitTorrent technology to build a decentralized censorship-resistant network. Users can publish static or dynamic websites into ZeroNet and visitors can choose to also serve the website...
[MISP v2.1] Malware Information Sharing Platform
The problem that we experienced in the past was the difficulty to exchange information about targeted malwares and attacks within a group of trusted partners, or a bilateral agreement. Even today much of the information exchange happens in unstructured reports where you have to copy-paste the...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
MobiLink Server Detection
The remote service is a MobiLink server, a component of the Sybase SQL Anywhere package used for two-way data synchronization. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31718; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...