Lucene search
K

40 matches found

Code423n4
Code423n4
added 2023/07/28 12:0 a.m.13 views

Incorrect implementation of binary search in _find() in History.sol can make BaseVotingVault.sol break and cannot return correct staleIndex

Lines of code Vulnerability details Impact The binary search implemented in find in History.sol is incorrect and in some cases cannot return a correct stale index, and as a result some functions in baseVotingVault.sol can not work properly like queryVotePower. Although History.sol is not in scope...

6.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-5619

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

7.5CVSS9.2AI score0.03707EPSS
Exploits0References6
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.13 views

setDrips may distribute the drip too fast if the time hints are not good enough

Lines of code Vulnerability details Impact The setDrips function is used to configure a drip. It can either be withdrawing it, adding a new one, or even managing an existing one by updating the configuration. Internally, it account for the drips that are yet to be distributed to refund them to th...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.8 views

Infinite Loop Vulnerability in endIdForWithdraw() Function.

Lines of code Vulnerability details Impact While loop within the endIdForWithdraw function. while left time test = left + right / 2; // left test right because left right - 1 if queuetest.availableAt = time left = test; else right = test; This loop can cause an infinite loop if the loop invariant...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/21 12:0 a.m.10 views

Iterations over all tiers in recordMintBestAvailableTier can render system unusable

Lines of code Vulnerability details Impact JBTiered721DelegateStore.recordMintBestAvailableTier potentially iterates over all tiers to find the one with the highest contribution floor that is lower than amount. When there are many tiers, this loop can always run out of gas, which will cause some...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/15 12:0 a.m.3 views

The voting power cannot be returned deterministically, if there are multiple checkpoints sharing the same timestamp

Lines of code Vulnerability details Impact Specifically, when writing a checkpoint, the code does not check whether the latest checkpoint is also in the current block. Consider a user makes multiple times of token transfer, the ERC721Votes contract will record multiple checkpoints with the same...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/02 12:0 a.m.11 views

Past state query results are susceptible to manipulation due to multiple states with same block number

Lines of code https://github.com/code-423n4/2022-0...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2021/12/24 11:30 a.m.28 views

SQLbit - Just Another Script For Automatize Boolean-Based Blind SQL Injections

A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient. It's able to: Search cell values by columns in a table Search...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/09 1:10 p.m.26 views

Rop-Tool - A Tool To Help You Write Binary Exploits

A tool to help you writing binary exploits OPTIONS rop-tool v2.4.1 Help you to make binary exploits. Usage: rop-tool OPTIONS Commands : gadget Search gadgets patch Patch the binary info Print info about binary heap Display heap structure disassemble Disassemble the binary search Search on binary...

7.5AI score
Exploits0References1
0day.today
0day.today
added 2016/06/29 12:0 a.m.44 views

WordPress Ultimate Membership Pro 3.3 Plugin - SQL Injection

Exploit for php platform in category web applications Vendor Homepage: http://wpindeed.com/ Software Link: http://codecanyon.net/item/ultimate-membership-pro-wordpress-plugin/12159253 Version: 3.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Unauthenticated Blind SQLi, Unauthenticated Payment Bypass...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/06/29 12:0 a.m.29 views

WordPress Plugin Ultimate Membership Pro 3.3 - SQL Injection

Vendor Homepage: http://wpindeed.com/ Software Link: http://codecanyon.net/item/ultimate-membership-pro-wordpress-plugin/12159253 Version: 3.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Unauthenticated Blind SQLi, Unauthenticated Payment Bypass Time line: Found 07-Jun-2016, Vendor notified...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection

No description provided by source. !/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the url parameter of top.php. Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting an cookie grabber will allow for the hijacking of the user...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/12/20 12:0 a.m.36 views

SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8657)

Mozilla Firefox has been updated to the 24.2.0 ESR security release. This is a major upgrade from the 17 ESR release branch. Security issues fixed : - Application Installation doorhanger persists on navigation. MFSA 2013-105. CVE-2013-5611 - Miscellaneous memory safety hazards rv:24.2. MFSA...

10CVSS7.4AI score0.11076EPSS
Exploits13References37
Tenable Nessus
Tenable Nessus
added 2013/12/16 12:0 a.m.29 views

Mozilla Firefox < 26.0 Multiple Vulnerabilities

Binary data 8070.prm...

10CVSS7.7AI score0.11076EPSS
Exploits13References27
ATTACKERKB
ATTACKERKB
added 2013/12/11 3:55 p.m.1 views

CVE-2013-5619

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

7.5CVSS5.9AI score0.03707EPSS
Exploits0References15
Mozilla
Mozilla
added 2013/12/10 12:0 a.m.46 views

Potential overflow in JavaScript binary search algorithms — Mozilla

Compiler Engineer Dan Gohman of Google reported that binary search algorithms in the SpiderMonkey JavaScript engine were prone to overflow in several places, leading to potential out-of-bounds array access. While none of these are known to be directly exploitable, they are unsafe in theory and ha...

7.5CVSS2.8AI score0.03707EPSS
Exploits0References2Affected Software2
The Hacker News
The Hacker News
added 2010/11/07 1:34 a.m.9 views

SqlInjector : A MS SQL Server Blind Injector !

SqlInjector was originally called as BlindSQLInjector. SqlInjector is an application to perform completely blind SQL injection, that currently supports only MS SQL Server. It uses time based inference to determine true or false conditions to extract data. The key feature is that it uses a binary...

7.7AI score
Exploits0
rdot
rdot
added 2010/07/09 12:0 a.m.25 views

Быстрый Blind SQL Injection.

Быстрый Blind SQL Injection. 1 INTRO Основной проблемой при работе с Blind SQL Injection является огромное количество запросов, которое необходимо послать на сервер для получения символов из БД, и, соответственно, долгое время работы. Понятно, что вручную получать данные из БД практически...

9.1AI score
Exploits0
seebug.org
seebug.org
added 2007/10/31 12:0 a.m.48 views

SMF 1.1.3 Extremely fast Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2007/10/20 12:0 a.m.31 views

Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL...

6.7AI score
Exploits0
Rows per page
Query Builder