OpenCTI 安全漏洞

OpenCTI is an open source cyber threat intelligence platform from OpenCTI Open Source. A security vulnerability exists in OpenCTI versions prior to 6.4.8 through 6.4.10, which stems from a vulnerability that allows bypassing of allow/deny lists, and could lead to modification of immutable...

Unrestricted Name and Symbol Modification in LSP7 and LSP8 Digital Assets

Lines of code Vulnerability details Impact The owner of a contract in LSP8IdentifiableDigitalAsset and LSP7DigitalAsset can arbitrarily change the name and symbol of a token after its deployment. This ability is due to the inheritance of the setData function from ERC725YCore.sol implemented in...

Unrestricted Name and Symbol Modification in LSP7 and LSP8 Digital Assets

Lines of code Vulnerability details I HAVE ALREADY SUBMITTED THIS ISSUE HOWEVER I MESSED UP THE LINKS FOR IT. CAN YOU PLEASE DISREGARD THE PREVIOUS SUBMISSION? Impact The owner of a contract in LSP8IdentifiableDigitalAsset and LSP7DigitalAsset can arbitrarily change the name and symbol of a token...

Mozilla Firefox and Firefox ESR Security Bypass Vulnerability (CNVD-2015-06384)

Mozilla Firefox is an open source web browser. A security vulnerability in the Mozilla Firefox NetworkUtils.cpp file allows remote attackers to bypass the ECMAScript 5 API protection mechanism, modify immutable attributes, and execute arbitrary JavaScript code with chrome privileges...