CVE-2022-36061 Elrond go can execute on same context checks in VM
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
CVE-2022-23680
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches versions: AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX...
nonReentrant modifier is not added to all functions that generate state changes, there is a possibility of re-entry.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. I noticed that the nonReentrant modifier only adds some of the functions that generate state changes to the InfinityExchange.sol contract, which provides the feasibility of reentrancy between multiple...
Gauge Functionalities Still Accessible After Being "Killed"
Lines of code Vulnerability details Proof-of-Concept The Voter contract contains a killGauge function that allows the emergency council to kill a gauge. The killGauge function will set the isAlive mapping to false. Thus, calling Voter's functions e.g. Voter.updateGauge, Voter.distributegauge again...
Vivoh Webinar Manager Authorization Issue Vulnerability
Vivoh Webinar Manager is a multicast application manager from the Vivoh team. A security vulnerability exists in the API prior to Vivoh Webinar Manager version 3.6.3.0 that stems from incorrect API authentication. When a user logs into the Management Configuration Web Portlet, a VIVOHAUTH cookie ...
CVE-2022-22552
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations...
CVE-2022-22155
An Uncontrolled Resource Consumption vulnerability in the handling of IPv6 neighbor state change events in Juniper Networks Junos OS allows an adjacent attacker to cause a memory leak in the Flexible PIC Concentrator (FPC) of an ACX5448 router. The continuous flapping of an IPv6 neighbor with...
Incorrect balance computed in getUsersConfirmedButNotSettledSynthBalance()
Handle hack3r-0m Vulnerability details Consider the following state: longsynthbalace = 300; shortsynthbalace = 200; marketUpdateIndex1 = x; userNextPricecurrentUpdateIndex = 0; userNextPricesyntheticTokentoShiftAwayFrommarketSide1true = 0; batchedamountSyntheticTokentoShiftAwayFrommarketSide1true...
Flows can bypass market and global pause
Handle 0xRajeev Vulnerability details Impact Ability to pause all token transfers and all state changes for contracts is a "guarded-launch" best-practice for emergency situations for newly launched projects. The project implements this using a marketsPaused flag per market and a globalPause flag...
EIP-721 / EIP-1155 Re-Entrancy Vulnerability
Handle 0xsomeone Vulnerability details Impact The impact of this finding is difficult to estimate as the contract system within scope is limited in how the various components are meant to be utilized. A definitive side-effect of this re-entrancy is the delayed application of the afterRedeemHook...
IBM StoredIQ elevation of privilege vulnerability (CNVD-2018-26905)
IBM StoredIQ is a suite of data visualization and processing platforms from IBM, USA. The platform provides scalable analytics and governance of unstructured data, as well as records management, storage optimization and migration of data. A security vulnerability exists in IBM StoredIQ. An attack...
ZyXEL NSA325 V2 Cross-Site Request Forgery Vulnerability
The ZyXEL NSA325 V2 is a network storage device from Hopkins ZyXEL Technology. A security vulnerability exists in the web application of the ZyXEL NSA325 V2 version 4.81. The vulnerability can be exploited by an attacker to perform a state change operation using a specially crafted HTTP form...
CVE-2017-14467
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
DEBIAN-CVE-2014-8414
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from...
CVE-2014-8414
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from...
Design/Logic Flaw
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from...
Facebook Releases osquery to Open Source
Facebook is in a giving mood today. The social networking giant announced today that it will release to open source a framework that detects and logs state changes in an operating system likely caused by an attack or performance meltdown. It also announced that it will hand out up to $300,000 nex...
Memory corruption
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonControll...
CVE-2010-3113
Removed by vendor...
Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders
More info at https://symfony.com/blog/cve-2026-46636-sandbox-filter-tag-and-function-allow-list-bypass-when-sandbox-state-changes-between-renders...