Lucene search
K

78 matches found

Code423n4
Code423n4
added 2021/09/15 12:0 a.m.9 views

Vault: Swaps at parity with swap fee = withdrawal fee

Handle hickuphh3 Vulnerability details Impact The vault treats all assets to be of the same price. Given that one can also deposit and withdraw in the same transaction, this offers users the ability to swap available funds held in the vault at parity, with the withdrawal protection fee 0.1%...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/05/11 12:0 a.m.11 views

The direct redeem fee can be circumvented

Handle janbro Vulnerability details Summary The direct redeem fee can be circumvented Risk Rating Medium Vulnerability Details Since the random NFT is determined in the same transaction a payment or swap is being executed, a malicious actor can revert a transaction if they did not get the NFT the...

7AI score
Exploits0
Snyk
Snyk
added 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview asset-pipeline is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using asset-pipeli...

8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview action-pubsub is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using action-pubsub...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.4 views

Malicious Package

Overview absplit is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using absplit altogether...

8CVSS6.7AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview activeadmin-jfuupload is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview edmunds-vin is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using edmunds-vin...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview ability-engine is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using ability-engi...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.3 views

Malicious Package

Overview apns-polite is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using apns-polite...

8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.3 views

Malicious Package

Overview airbrake-userattributes is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.4 views

Malicious Package

Overview auto-scalingmethods is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.5 views

Malicious Package

Overview basicstats is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using basicstats...

8CVSS6.9AI score
Exploits0References2
Snyk
Snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview cocoapodsicemobile-plugin is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Krebs on Security
Krebs on Security
added 2019/08/07 10:43 p.m.64 views

Who Owns Your Wireless Service? Crooks Do.

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptic...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/12/11 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2)

This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 CVE-2018-15686: A vulnerability in unitdeserialize ...

8.8CVSS7.2AI score0.02279EPSS
Exploits4References14
Krebs on Security
Krebs on Security
added 2018/08/29 10:59 p.m.48 views

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys. On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does...

7.4AI score
Exploits0
OSV
OSV
added 2018/06/04 4:29 p.m.3 views

CVE-2016-10668

libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...

8.1CVSS6.3AI score0.02021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.65 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7812)

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a...

8.8CVSS7.2AI score0.0206EPSS
Exploits4References10
Rows per page
Query Builder