5 matches found
crm.avantadjusting.com Improper Access Control vulnerability OBB-3807371
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Wrong inequality when adding/removing liquidity in current price range
Handle: cmichel. Vulnerability details: The ConcentratedLiquidityPool.mint/burn functions add/remove liquidity when priceLower < currentPrice && currentPrice < priceUpper. Shouldn't it also be changed if priceLower == currentPrice? Impact: Pools that mint/burn liquidity at a time where the currentPrice i...
Reentrancy Attack
openzeppelin-solidity is vulnerable to a reentrancy attack. The vulnerability exists when an extended custom beforeTokenTransfer is invoked when burning tokens, before the send hook is externally called on the sender, while token balances are adjusted after the process, and this may cause the...
Dart Communications PowerTCP Service Control Remote BoF Exploit
No description provided by source. IE 6 / Dart Communications PowerTCP Service Control DartService.dll 3.1.3.3 remote buffer overflow exploit / xp sp2 ita ver by rgod site: retrogod.altervista.org software site: www.dart.com Install, Uninstall methods are vulnerable shellcode is executed afte...
Spoofing using custom cursor and CSS3 hotspot — Mozilla
David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...