9 matches found
ConduitController: Smart Contract Initial Owner Vulnerability
Lines of code Vulnerability details Bug Description The createConduit function in the ConduitController smart contract is responsible for deploying new conduits, or contracts that allow registered callers or open "channels" to transfer approved ERC20/721/1155 tokens on their behalf. The function...
Dart has an unspecified vulnerability
Dart is an open source programming language. A security vulnerability exists in the Dart SDK, which could be exploited by an attacker to embed source code that is not visible to code reviewers to modify the behavior of the program in unexpected ways...
IBM Cognos Analytics Gain Access Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. IBM Cognos Analytics has a...
CVE-2018-1058
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected...
SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)
java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)
Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...
CVE-2010-3557
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...
Design/Logic Flaw
The dbglvl file for the megaraidsas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the 1 behavior and 2 logging level of the driver by modifying this file...
Mandrake Security Advisory MDVSA-2009:065 (php4)
The remote host is missing an update to php4 announced via advisory MDVSA-2009:065. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...