PT-2022-13481 · Mcafee · Mcafee Enterprise Epolicy Orchestrator

Name of the Vulnerable Software and Affected Versions: McAfee Enterprise ePolicy Orchestrator versions prior to 5.10 Update 13 Description: A lack of password change protection in a depreciated API allows a remote attacker to change the password of a compromised session without knowing the existi...

Chainlink pricer is using a deprecated API

Lines of code Vulnerability details Impact According to Chainlink's documentation, the latestAnswer function is deprecated. This function might suddenly stop working if Chainlink stop supporting deprecated APIs. And the old API can return stale data. Proof of Concept Tools Used None Recommended...

Use of deprecated Chainlink API

Handle 0x1f8b Vulnerability details Impact Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to be redeployed. Proof of Concept The contracts use Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped...

Use of deprecated Chainlink API

Handle 0xRajeev Vulnerability details Impact The contract uses Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to...

Usage of deprecated ChainLink API in Buoy3Pool

Handle cmichel Vulnerability details Vulnerability Details The Chainlink API latestAnswer used in the Buoy3Pool oracle wrappers is deprecated: This API is deprecated. Please see API Reference for the latest Price Feed API. Chainlink Docs Impact It seems like the old API can return stale data...

PT-2021-8378 · Unknown · Lz4 Bindings

Name of the Vulnerable Software and Affected Versions: LZ4 bindings affected versions not specified Description: The issue is related to the use of a deprecated C API in LZ4 bindings, which is vulnerable to memory corruption. This could potentially lead to arbitrary code execution if the bindings...

Fedora: Security Advisory for gdk-pixbuf2-xlib (FEDORA-2021-2e59756cbe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: gdk-pixbuf2-xlib-2.40.2-2.fc33

gdk-pixbuf2-xlib contains the deprecated API for integrating gdk-pixbuf2 wi th Xlib data types. This library was originally shipped by gdk-pixbuf2, and has since been moved out of the original repository. No newly written code should ever use this library. If your existing code depends on...

PYSEC-2021-3

The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can jus...

Prototype Pollution

Overview Versions of angular prior to 1.7.9 are vulnerable to prototype pollution. The deprecated API function merge does not restrict the modification of an Object's prototype in the , which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendatio...

Privilege escalation

An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerability affects Cisco TelePresence Server MSE 8710 Processors that are running a software release prio...