8231 matches found
The pledge creators might lose all of their funds by recoverERC20().
Impact: There is a recoverERC20 function to withdraw ERC20 tokens from the contract. Currently, it checks that the token isn't an active reward token, but this check can be passed easily if the admin removes the reward token using removeRewardToken. So if the admin removes...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
PYSEC-2022-43187
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
PYSEC-2022-43187
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
DEBIAN-CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
UBUNTU-CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
Design/Logic Flaw
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
WABT buffer error vulnerability
WABT is a WebAssembly binary toolkit open-sourced by WebAssembly. A security vulnerability exists in WABT wasm-interp version 1.0.29, which stems from a heap-based buffer overflow issue in /bits/stl_vector.h. The vulnerability is caused by a heap-based buffer overflow issue...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
CVE-2022-43281
The CVE-2022-43281 entry concerns wasm-interp v1.0.29, which is reported to have a heap overflow in the vector implementation: std::vector::size() as implemented in /bits/stl_vector.h. According to the primary description, this vulnerability is characterized with high impact (C, I, A) and a local...
CVE-2022-43281
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stl_vector.h...
SUSE: Security Advisory (SUSE-SU-2022:3783-1)
The remote host is missing an update for the...
GHSA-QM95-PGCG-QQFQ Insufficient validation when decoding a Socket.IO packet
Due to improper type validation in the socket.io-parser library which is used by the socket.io and socket.io-client packages to encode and decode Socket.IO packets, it is possible to overwrite the placeholder object which allows an attacker to place references to functions at arbitrary places in...
CVE-2022-39362 Metabase vulnerable to arbitrary SQL execution from queryhash
Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, unsaved SQL queries are auto-executed, which could pose a possible attack vector. This issue is patched in versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9...
Metabase security vulnerability
Metabase is an open source data analytics platform from Metabase, Inc. in the United States. A security vulnerability exists in Metabase that stems from unsaved SQL queries being executed automatically, which could constitute a possible attack vector...
DEBIAN-CVE-2022-42890
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16...
DEBIAN-CVE-2022-41704
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16...