Lucene search
K

52 matches found

Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.4 views

CVE-2026-31625

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alpsrawevent Commit ecfa6f34492c "HID: Add HIDCLAIMEDINPUT guards in rawevent callbacks missing them" attempted to fix up the HID drivers that had missed the previous fix that was done i...

5.5CVSS5.2AI score0.00125EPSS
Exploits0
NVD
NVD
added 2025/09/06 3:15 a.m.9 views

CVE-2025-58437

Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be compromised through insecure session handling in prebuilt workspaces. Coder automatically generates a session token for a user when a workspace...

8.1CVSS0.00349EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-10577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race conditio...

5.8CVSS6AI score0.00464EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from btusb mediatek not locking when calling usbdriverclaiminterface, which could result in an error...

5.5CVSS6.5AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2024/12/02 4:34 p.m.50 views

CVE-2024-50381

CVE-2024-50381 affects Snap One OvrC Cloud. The Red Hat/NVD/ICS data show the issue: an attacker can impersonate a hub and send requests to claim/unclaim devices using the MAC address, enabling remote access/control within OvrC Pro. Affected product: OvrC Pro (all versions before 7.3). Impact and...

8.8CVSS6.5AI score0.00542EPSS
Exploits0References1
NVD
NVD
added 2024/07/01 9:15 p.m.44 views

CVE-2024-38368

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to do so. It was also possible to have all...

9.3CVSS0.14851EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/07/01 9:5 p.m.21 views

CVE-2024-38368 Trunk's 'Claim your pod' could be used to obtain un-used pods

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to do so. It was also possible to have all...

9.3CVSS7.3AI score0.14851EPSS
Exploits0References5
CVE
CVE
added 2024/07/01 9:5 p.m.80 views

CVE-2024-38368

CVE-2024-38368 concerns CocoaPods trunk authentication server vulnerability where unclaimed pods could be claimed or where all owners could be removed, enabling takeover of pods migrated from the pre-2014 workflow to trunk. The issue stems from how ownership was managed on CocoaPods’ trunk server...

9.3CVSS9.4AI score0.14851EPSS
Exploits0References5Affected Software1
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.14 views

Users of ReraiseCrowdfund will potentially not receive appropriate voting power

Lines of code Vulnerability details Bug Description The recent code update introduces the functionality for authorities to reduce the total voting power by invoking the decreaseTotalVotingPower function of the party. However, this functionality can lead to issues when used in the time frame after...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/06 12:0 a.m.7 views

Front-Running Vulnerability: Exploiting Reward Updates for Maximized Payouts

Lines of code Vulnerability details Impact Malicious users claim rewards at a higher rate than what was intended by front-running governance actions meant to reduce rewards. This allows them to claim rewards at a higher rate than what was intended, undermining the protocol's intended economic...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.9 views

Prime.sol - User can claim Prime token without having any staked XVS, because his stakedAt isn't reset whenever he is issued an irrevocable token.

Lines of code Vulnerability details Impact Whenever a new Prime token is created, the users stakedAt is reset to 0. This happens when the user claim a revocable token and when he is issue a revocable token, but it does not happen when a user is issue an irrevocable token. This is issue function...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.8 views

User Score Not Updated During Interest Claim, Leading to Incorrect Interest Calculations

Lines of code Vulnerability details Impact This oversight in the contract logic may lead to incorrect interest calculations for users. Specifically, if a user's balance or the factors contributing to the score changes between interest accruals due to actions outside of staking more tokens, the...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.8 views

Misaligned Epoch Calculation for Reward Claims

Lines of code Vulnerability details Impact When users attempt to claim rewards, the contract calculates the claimEnd and subsequently updates the userClaimedEpoch using claimEnd + WEEK. This might result in misaligned epochs in scenarios where claimUpToTimestamp is less than or more than a week. ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.67 views

Malicious claimer could arbitrage the prize-claiming functionality

Lines of code Vulnerability details Impact The feePerClaim is a user controlled parameter which tops at tierLiquidity.prizeSize for a given tier see here for that. That means the CLAIMER can set arbitrary fees for a given call to claimPrize to increase maliciously the collected fees with //...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/07/13 12:0 a.m.5 views

Unauthorized Access to Tokens in returnTokensToOwner function.

Lines of code Vulnerability details Impact returnTokensToOwner Function: Attack Surface: This function allows the DAO contract to unescrow tokens and return them to the original owner. The returnTokensToOwner function allows the DAO contract to unescrow tokens by transferring them from the...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/07/07 12:0 a.m.16 views

The merkle tree might be revoked again after being used to claim rewards.

Lines of code Vulnerability details Impact The merkle tree might be revoked again after being used to claim rewards. Proof of Concept The governor can revoke the merkle tree using revokeTree. function revokeTree external onlyGovernorOrGuardian if disputer != address0 revert UnresolvedDispute;...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/07 12:0 a.m.10 views

Poor detection of disputed trees allows claiming tokens from a disputed tree

Lines of code Vulnerability details Targets Impact Users can claim rewards from a Merkle tree that's being disputed. This can potentially lead to loss of funds since a malicious trusted EOA can claim funds from a malicious tree while it's being disputed. Proof of Concept The...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/30 12:0 a.m.17 views

Rage quitter loses his claimable share of distributed tokens

Lines of code Vulnerability details Impact Rage quitter loses his claimable share of distributed tokens. Proof of Concept PartyGovernanceNFT.rageQuit burns a governance NFT and transfers its share of the balance of ETH and tokens: // Burn caller's party card. This will revert if caller is not the...

6.8AI score
Exploits0
NVD
NVD
added 2023/05/22 8:15 p.m.29 views

CVE-2023-31241

Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...

10CVSS9.3AI score0.00764EPSS
Exploits0References1
Prion
Prion
added 2023/05/22 3:15 p.m.22 views

Information disclosure

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

5CVSS6.3AI score0.00544EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder