attacker can perform griefing for process() in PromiseRouter by reverting calls to callback() in callbackAddress

Lines of code Vulnerability details Impact process in PromiseRouter is used for process stored callback function and anyone calls it gets callbackFee and it calls callback function of callbackAddress. but attacker set a callbackAddress that reverts on callback and cause process caller griefing...

CVE-2022-1789

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference...

CVE-2021-42203

An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swfFontExtractDefineTextCallback located in swftext.c. It allows an attacker to cause code execution...

CVE-2021-42199

An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swfFontExtractDefineTextCallback located in swftext.c. It allows an attacker to cause code execution...

UBUNTU-CVE-2021-42199

An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swfFontExtractDefineTextCallback located in swftext.c. It allows an attacker to cause code execution...

UBUNTU-CVE-2021-42203

An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swfFontExtractDefineTextCallback located in swftext.c. It allows an attacker to cause code execution...

Swftools 缓冲区错误漏洞

Swftools is a set of utilities for working with Adobe Flash files SWF files. An out-of-bounds write vulnerability exists in Swftools 2020-12-22 and prior versions, which stems from a heap buffer overflow in function swfFontExtractDefineTextCallback located in swftext.c. The vulnerability is cause...

Swftools 资源管理错误漏洞

Swftools is a set of utilities for working with Adobe Flash files SWF files. A post-release use vulnerability exists in Swftools 2020-12-22 and prior versions, which stems from a heap-based post-release reuse issue in the function swfFontExtractDefineTextCallback located in swftext.c. The...

BathToken.sol#_deposit() attacker can mint more shares with re-entrancy from hookable tokens

Lines of code Vulnerability details BathToken.soldeposit calculates the actual transferred amount by comparing the before and after balance, however, since there is no reentrancy guard on this function, there is a risk of re-entrancy attack to mint more shares. Some token standards, such as ERC77...

CardGate Payments plugin for WooCommerce does not validate request origin

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

GHSA-5PQ5-9PHV-Q5J3 CardGate Payments plugin for WooCommerce does not validate request origin

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

CVE-2022-31261

An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker ca...

CVE-2022-31261

An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker ca...

CVE-2022-31261

An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker ca...

Morpheus Data Morpheus 代码问题漏洞

Morpheus Data Morpheus is a powerful self-service engine from Morpheus Data USA, Inc. that delivers enterprise agility, control and efficiency. A security vulnerability exists in Morpheus Data Morpheus version 5.2.16 and version 5.4.x prior to version 5.4.4, which stems from the discovery of an X...

GHSA-PCHF-755W-JJ6V QooxDoo XSS in Callback Parameter

Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

QooxDoo XSS in Callback Parameter

Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

JBoss Keycloak CSRF Vulnerability

The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...

Moodle Unauthenticated users can trigger custom messages to admin via paypal enrol script

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

Cross-site Scripting (XSS)

org.wso2.carbon.identity.mgt.endpoint.util is vulnerable to cross-site scripting. The vulnerability exists due to the lack of regular expression validation in the localVarPath parameter in the recover function of PasswordRecoveryApiV1.java, allowing an attacker to inject and execute malicious...