27 matches found
EUVD-2010-3290
Malware in sbrugna...
EUVD-2012-2027
Malware in sbrugna...
EUVD-2020-1588
Malware in sbrugna...
Malicious code in Rockstar.AssetManager.Infrastructure (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Rebalance will fail due to low precision of percentages
Handle cmichel Vulnerability details The AssetManager.rebalance function has a check at the end to ensure that all tokens are deposited again: requiretoken.balanceOfaddressthis == 0, "AssetManager: there are remaining funds in the fund pool"; The idea is that the last market deposits all...
AssetManager's rebalance function can fail if the last moneyMarket doesn't support a token and the balance gathered is odd
Handle hyh Vulnerability details Summary AssetManager's rebalance function, , will fail if the last moneyMarket doesn't support a token its supportsTokentokenAddress is false, while remaining balance be positive, which can be the case even if no allocation to the last moneyMarket is due as a dust...
rebalance function will fail due to invalid condition
Handle csanuragjain Vulnerability details Impact User will be unable to rebalance the fund Proof of Concept 1. Navigate to contract at 2. Check the rebalance function function rebalanceaddress tokenAddress, uint256 calldata percentages external override checkMarketSupportedtokenAddress onlyAdmin...
CVE-2020-0081
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...
CVE-2020-0081
CVE-2020-0081 is a local-elevation vulnerability in the Android Framework (AssetManager.java) caused by a double-free leading to memory corruption. Affected: Android 8.0–10; exploit requires local access with no user interaction. Exploitation status is not detailed in the provided documents. Reme...
CVE-2020-0081
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...
Chadha PHPKB path traversal vulnerability (CNVD-2020-18322)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A path traversal vulnerability exists in admin/assetmanager/assetmanager.php in Chadha PHPKB Standard Multi-Language 9. An attacker...
HP AssetManager crossite scripting
Multiple crossite scripting possibilities...
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03403333 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03403333 Version: 1 HPSBGN02787...
CVE-2012-2021
Multiple cross-site scripting XSS vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-2021
HP AssetManager is affected by CVE-2012-2021: remote XSS vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 due to unspecified vectors that could allow injection of arbitrary script/HTML. The HP Security Bulletin HPSBGN02787 rev.1 documents the vulnerable software versions and notes th...
CVE-2012-2021
Multiple cross-site scripting XSS vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Abroad a BLOG program 0day-vulnerability warning-the black bar safety net
Abroad a BLOG program 0day Batch: inurl:/admin/SiteEngineManager The use of EXp www.test.com/admin/SiteEngineManager/components/Editor/assetmanager/assetmanager.asp...
HP AssetCenter / AssetManager crossite scripting
No description provided...
[security bulletin] HPSBMA02596 SSRT100271 rev.1 - HP AssetCenter and HP AssetManager for AIX, HP-UX, Linux, Solaris and Windows , Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02535850 Version: 1 HPSBMA02596 SSRT100271 rev.1 - HP AssetCenter and HP AssetManager for AIX, HP-UX, Linux, Solaris and Windows , Remote Cross Site Scripting XSS NOTICE: The information in this...