16 matches found
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
CVE-2019-11774
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the...
PT-2025-22225
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug in the Linux kernel's mm switching code causes TLB flushes to be suppressed in certain situations. This occurs due to a flaw in the should_flush_tlb function, which fails to send...
PT-2025-3655 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74 Description: The issue concerns a common bug in the Linux kernel where a TRACE_EVENT TP_fast_assign assigns an address of an allocated string to the ring buffer and then references it in TP_printk, which...
wrong return value of totalVotingPower leads to break the OffChainSignatureValidator#isValidSignature() functionality
Lines of code Vulnerability details Bug Description In the OffChainSignatureValidator#isValidSignature function we return the singerVotingPowerBPS in terms of BPS points by multiplying it by 1000 and the totalVotingPower is returned by calling the party.getGovernanceValues.totalVotingPower which is normal...
No proper validation of Singleton
Lines of code Vulnerability details Bug Description Operators, executors, or the Main Console account can execute transactions on behalf of a SubAccount. SubAccounts must have an enabled SafeModerator guard, which checks whether the guard and handler have not been disabled or updated, and whether...
Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages
Five bugs in Apple’s iMessage service for the iPhone have been uncovered that require no user interaction to exploit, including one that would allow remote attackers to access content stored on iOS devices. First discovered by Google Project Zero security researcher Natalie Silvanovich, Apple has...
Shopify: Staff member can delete Private Apps
Hi Team, Bug description : I noticed that Full access staff member doesn't have access to private Apps Even he has access to Apps. But a Staff member can actually Delete Private Apps through the normal App link by changing the ID. Steps to reproduce : 1. Create A shop and install any app. Also...
ZeewaysCMS - Multiple Vulnerabilities
Exploit for php platform in category web applications ZeewaysCMS Multiple Vulnerabilities Software - ZeewaysCMS Vendor Product Description - ZeewaysCMS is a Content Management System and a complete Web & Mobile Solution developed by Zeeways for Corporates, Individuals or any kind of Business need...
TPO Duyuru Insecure Cookie Handling
Discovered by : Septemb0x + Script Name : TPO Duyuru Scripti + Download Script : http://phpexplorer.com/Goster/980 + Bug Description : Can be accessed without password Exploit Code : javascript:document.cookie = "kullanici=; path=/"; Enter to http://target/path/duyuruyonetim.php + Greetz :...
RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit
Exploit for unknown platform in category web applications RunCMS RunCmss Bug Yahoo! Crawler...
wfsections 1.07 advisory
Program: wfsections Version: 1.07 Bug Type: SQL Injection Bug Description: ================================= In file class/wfsfiles.php, we can see this function: //START function getAllbyArticle$articleid $db =& Database::getInstance; $table = $db-prefix"wfsfiles"; $ret = array; $sql = "SELECT FR...
webfsd fun. opensource is god .lol windows
webfsd fun. opensource is god .lol windows pst.security advisory 2005-2-20 Systems affected: unstable webfsd 1.21 stable webfsd 1.17.2 no affected no..all remote exploitable 1: why advisory? this bug is found two years ago, yeach, debian and webfsd coder can't path this hehe...:P it is no...
DoS in Rsniff 1.0
Luigi Auriemma Application: RSniff Remote Sniff http://www.cse.sc.edu/madamanc/projects.html Versions: 1.0 Platforms: Linux Bug: Denial of Service Risk: low Exploitation: remote Date: 09 Apr 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction...
DailyDose v 1.1
Bug is found in this script: DailyDose v 1.1 by www.onlinearts.net The script dose.pl does not check the input: $data=$ENV'QUERYSTRING'; $command,$list,$temp, $id = split "&",$data,4; . . . local $template = "$tempdir/$temp"; openTEMPL, "$template" || print "no file found $template!"; open withou...
Abyss X1 1.1.2 remote crash
Application: Abyss Webserver http://www.aprelium.com Versions: X1 v 1.1.2 Platform: Windows and Linux Bug: Crash caused by the reading of an unreachable memory zone Risk: Remote crash Author: Auriemma Luigi e-mail: [email protected] web: http://www.pivx.com/luigi/ 1 Introduction 2 Bug 3 The Code 4...