Users might lose their balances when they set delegates

Lines of code Vulnerability details Impact Undelegated users will lose their balances if they set delegate to themselves. Proof of Concept A User can set a delegate and the delegated balance of the user will be accounted on the delegate's delegated balance in the TWAB controller. The internal...

Using supportsERC165InterfaceUnchecked() might break LSP functionality for certain contracts

Lines of code Vulnerability details Bug Description Throughout the codebase, the protocol uses the supportsERC165InterfaceUnchecked function from Openzeppelin's ERC165Checker.sol to check for the support of ERC-165 interface IDs. However, supportsERC165InterfaceUnchecked only checks if the call t...

CVE-2023-30564 Stored Cross-Site Scripting on Device Import Functionality

Alaris Systems Manager does not perform input validation during the Device Import Function...

CVE-2023-30563 Stored Cross-Site Scripting on User Import Functionality

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked session...

Apple DCERPC presentation result list out of bounds memory access

Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...

Apple DCERPC allocation hint uninitialized memory disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1675 Apple DCERPC allocation hint uninitialized memory disclosure vulnerability July 13, 2023 CVE Number None SUMMARY An information disclosure vulnerability exists in the call fault reporting functionality of DCERPC library as used in Apple macOS 12.6.1 that...

CWA iOS - Center mouse wheel button clicks not working inside ICA sessions

When Citrix ICA sessions launched from iOS endpoints, the center mouse button clicks are not effective anymore It is only the center button clicks that are not effective inside Citrix sessions. It is still possible to scroll up & down using the center wheel inside a Citrix session...

CVE-2023-20575

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information...

Microsoft Windows MSHTML Platform 安全漏洞

Microsoft Windows MSHTML Platform is an application from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows MSHTML Platform. An attacker could exploit this vulnerability to bypass certain functionality. The following products and editions are affected:Windows 10 Versi...

Code injection

A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Found...

CVE-2023-22835 Denial of Service in Foundry Issues

A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Found...

CVE-2023-22835 Denial of Service in Foundry Issues

A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Found...

CVE-2023-3219

The EventON WordPress plugin before 2.1.2 does not validate that the eventid parameter in its eventonicsdownload ajax action is a valid Event, allowing unauthenticated visitors to access any Post including unpublished or protected posts content via the ics export functionality by providing the...

Well.skim() TRANSACTION CAN BE FRONT RUN BY Well.sync() TRANSACTION THUS MAKING THE Well.skim() CALL INEFFECTIVE

Lines of code Vulnerability details Impact The Well.skim external function is used to transfer the excess tokens held by the well to teh recipient. This is done by calculating the differnce between the contract balance and the reserves for each of the tokens as shown below: skimAmountsi =...

Decimal is not correct in fee calculation

Lines of code Vulnerability details Impact The decimal doesn't match in the fee calculation, so this will break the fee calculation. Since fee calculation is very important in Mint/Burn actions, this problem can ruin the core functionality of transmuter. Proof of Concept This is the non-exact min...

Zinc Cross-site Scripting vulnerability

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’...

CVE-2023-23571

An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability...

CVE-2023-22306

An OS command injection vulnerability exists in the libzebra.so bridgegroup functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

Cross site scripting

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

Directory traversal

A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability...