
9099 matches found

Code423n4
added 2022/12/16 12:0 a.m. · 6 views

Delayed contests might be rugpulled by admin

Lines of code Vulnerability details In order to guarantee the raffle NFT will not be stuck in the contract, there’s a last resort option which allows the admin to reclaim the NFT from the contract. However, the timestamp as from which this action can take place, is calculated based on when the...

6.7 AI score
Exploits: 0
Positive Technologies
added 2022/12/13 12:0 a.m. · 7 views

PT-2022-6664 · Tp Link · Tp-Link Tapo C200

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo C200 camera version 1.1.22 Build 220725 Description: The issue is related to the implementation of the AES encryption algorithm in the TP-Link Tapo C200 camera, which involves the reuse of the AES Key-IV pair across all cameras...

4.6 CVSS · 6.7 AI score · 0.00419 EPSS
Exploits: 1 · References: 7
OpenVAS
added 2022/12/13 12:0 a.m. · 22 views

Ubuntu: Security Advisory (USN-5773-1)

The remote host is missing an update for the...

7.8 CVSS · 7.3 AI score · 0.21314 EPSS
Exploits: 3 · References: 2
Code423n4
added 2022/12/12 12:0 a.m. · 13 views

Owner can rug PrePOMarket using re-initialized finalLongPayout.

Lines of code Vulnerability details Description In PrePOMarket.sol, the finalLongPayout represents the finalized value of a single long token in the market. It is settled post ICO / IPO according to predetermined rules. The issue is that this value may be re-initialized as many times as owner...

6.5 AI score
Exploits: 0
BDU FSTEC
added 2022/12/12 12:0 a.m. · 6 views

The vulnerability of the Fortinet FortiClient for Windows installer allows a hacker to increase their privileges.

The vulnerability of the Fortinet FortiClient for Windows installer is related to initialization errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

8.2 CVSS · 7.6 AI score · 0.00373 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
Code423n4
added 2022/12/09 12:0 a.m. · 17 views

[NAZ-H2] Update Initializer Modifier To Prevent Reentrancy During Initialization

Lines of code Vulnerability details Impact Currently the project uses both : "@openzeppelin/contracts": "4.2.0", "@openzeppelin/contracts-upgradeable": "4.2.0". This dependency has a known high severity vulnerability Deserialization of Untrusted Data Proof of Concept Because of the Deserializatio...

6.7 AI score
Exploits: 0
OSV
added 2022/12/08 3:11 a.m. · 5 views

GSD-2022-1008160 can: j1939: j1939_send_one(): fix missing CAN header initialization

can: j1939: j1939_send_one(): fix missing CAN header initialization This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/12/08 3:3 a.m. · 9 views

GSD-2022-1008083 Bluetooth: L2CAP: Fix attempting to access uninitialized memory

Bluetooth: L2CAP: Fix attempting to access uninitialized memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.154 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/12/08 2:47 a.m. · 8 views

GSD-2022-1007933 can: j1939: j1939_send_one(): fix missing CAN header initialization

can: j1939: j1939_send_one(): fix missing CAN header initialization This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.79 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/12/08 2:46 a.m. · 6 views

GSD-2022-1007923 btrfs: zoned: initialize device's zone info for seeding

btrfs: zoned: initialize device's zone info for seeding This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.79 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/12/08 2:32 a.m. · 14 views

GSD-2022-1007771 can: j1939: j1939_send_one(): fix missing CAN header initialization

can: j1939: j1939_send_one(): fix missing CAN header initialization This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit...

7.2 AI score
Exploits: 0
Positive Technologies
added 2022/12/08 12:0 a.m. · 3 views

PT-2022-36008 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.9 Description: The issue is related to the initialization of device zone info for seeding in btrfs. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2 AI score
Exploits: 0 · References: 1
OpenVAS
added 2022/12/08 12:0 a.m. · 12 views

WordPress Popular Posts Plugin < 6.1.0 Improper Initialization Vulnerability

The WordPress plugin...

7.5 CVSS · 7.6 AI score · 0.00846 EPSS
Exploits: 0 · References: 2
OSV
added 2022/12/07 4:15 a.m. · 12 views

CVE-2022-43468

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...

7.5 CVSS · 6.8 AI score
Exploits: 0 · References: 3
Prion
added 2022/12/07 4:15 a.m. · 22 views

Xxe

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...

5 CVSS · 7.4 AI score · 0.00846 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2022/12/07 12:0 a.m. · 15 views

CVE-2022-43468

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...

7.6 AI score · 0.00846 EPSS
Exploits: 0 · References: 3
Citrix
added 2022/12/05 12:0 a.m. · 27 views

Windows 11 VDA machines stuck at Initializing for Azure AD or Hybrid Azure AD

For Citrix MCS provisioned Azure AD or Hybrid Azure AD joined machine catalogs that use Windows 11 22H2 or 23H2 as master VMs’ OS, the VDA machines might be stuck at “Initializing” status after startup. And when you login to the VDA machines and execute the “dsregcmd /status” command, “Provider:...

7.2 AI score
Exploits: 0
Code423n4
added 2022/11/28 12:0 a.m. · 7 views

Potential PirexReward's producerTokens's rewardToken unsynced with PirexGmx rewardToken can miscalculate the actual reward for user

Lines of code Vulnerability details Impact Potential PirexReward's producerTokens's rewardToken unsynced with PirexGmx rewardToken can miscalculate the actual reward for user Proof of Concept PirexReward initialization does not include rewardToken initialization for producerTokens. Meanwhile...

6.8 AI score
Exploits: 0
Positive Technologies
added 2022/11/23 12:0 a.m. · 12 views

PT-2022-7681

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the amdgpu module. This vulnerability may allow an attacker to impact the confidentiality,...

7.8 CVSS · 6.7 AI score · 0.00234 EPSS
Exploits: 0
OSV
added 2022/11/15 9:15 p.m. · 4 views

CVE-2022-30771

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

8.2 CVSS · 5.8 AI score · 0.00193 EPSS
Exploits: 0 · References: 2