7 matches found
EUVD-2026-34216
Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation...
EUVD-2018-4063
Malware in sbrugna...
Siemens SIMATIC S7-1500 TM MFP Buffer Access with Incorrect Length Value (CVE-2024-42154)
In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don't see anything checking that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all neither does it for IPv6 but v6 is manual...
Siemens SCALANCE M-800 Missing Encryption of Sensitive Data (CVE-2023-28450)
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
TribeRedeemer.reedem assets can be lost in case of malicious token
Lines of code Vulnerability details Impact The function redeemaddress to, uint256 amountIn to calculate the amount of redemption tokens in turn calls In case of a malicious token will always revert: contract BadBadERC20 is ERC20, ERC20Burnable constructor ERC20"BadToken", "BDT" function...
A Deep Dive into VMDR 2.0 with Qualys TruRisk™
The old way of ranking vulnerabilities doesn’t work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delivered by Qualys TruRisk, the criteria used to compute them, and how they can be used to prioritize...
MochiProfileV0.registerAsset() Can Reset Existing Asset Classes
Handle leastwood Vulnerability details Impact registerAsset is used to add assets to the Mochi Protocol. These assets have an associated asset class which represents an asset's risk factor. registerAsset can be called by any user and abused in such a way that existing assets can have their...