Lucene search
33 matches found

Code423n4
added 2022/12/16 12:00 a.m., 7 views

LOWER BOUNDARY OF DRAWING TOKEN RANGE IS TOO LOW

Lines of code Vulnerability details Impact The current logic in VRFNFTRandomDraw.sol could lead to undesirable edge cases due to allowing the lower limit of the drawing token range to be as low as 2. It could lead to a long drag before the raffle could end or cancel if one of the drawing tokens i...

AI score 6.7, Exploits 0

Samba
added 2022/12/15 12:00 a.m., 66 views

Samba AD DC using Heimdal can be forced to

Description Kerberos, the trusted third party authentication system at the heart of Active Directory, issues a ticket using a key known to the target server but nobody else, returned to the client in a TGS-REP. This key needs to be of a type understood only by the KDC and target server. However,...

CVSS 9.8, AI score 9, EPSS 0.0067, Exploits 0

OSV
added 2022/12/01 12:00 a.m., 4 views

PUB-A-231583603

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 2.4, AI score 7, EPSS 0.00025, Exploits 0, References 2

Code423n4
added 2022/08/05 12:00 a.m., 4 views

H01: code is not same as intended function description

Lines of code Vulnerability details MIMOAutoAction.sol, 26-38 / @notice Sets a vault automation parameters @dev Can only be called by vault owner @param vaultId Vault id of the vault to be automated @param autoParams AutomatedVault struct containing all automation parameters / function...

AI score 6.8, Exploits 0

Code423n4
added 2022/04/27 12:00 a.m., 12 views

Swapper3Crv.sol use the wrong address for sushiswap

Lines of code Vulnerability details Impact This seems to be out of scope, but still worth mentioning. This line should be address sushiSwap = SUSHISWAP;

AI score 6.9, Exploits 0

Code423n4
added 2022/02/18 12:00 a.m., 5 views

Seems to be an inattention error

Lines of code Vulnerability details Shouldn't it be mintto, shares; ? Currently the using mint , one would receive as many shares as assets they transfer, which is not the intended behaviour

AI score 6.9, Exploits 0

OSV
added 2020/07/14 6:15 p.m., 17 views

CVE-2020-13846

Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...

CVSS 7.5, AI score 7, Exploits 0, References 5

OSV
added 2020/07/14 6:15 p.m., 1 view

UBUNTU-CVE-2020-13846

Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...

CVSS 7.5, AI score 7.1, EPSS 0.00368, Exploits 0, References 4

AlpineLinux
added 2019/10/09 2:17 p.m., 30 views

CVE-2018-5743

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of...

CVSS 7.5, AI score 7.9, EPSS 0.05693, Exploits 0

Apache Tomcat
added 2010/10/21 12:00 a.m., 45 views

Fixed in Apache Tomcat 7.0.4

Low: SecurityManager file permission bypass CVE-2010-3718 When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate file...

CVSS 1.2, AI score 5.3, EPSS 0.00304, Exploits 1, Affected Software 1

OpenVAS
added 2008/01/17 12:00 a.m., 27 views

Debian Security Advisory DSA 047-1 (various kernel packages)

The remote host is missing an update to various kernel packages announced via advisory DSA 047-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

CVSS 7.5, AI score 5.3, EPSS 0.01279, Exploits 0, References 1

myhack58
added 2007/10/12 12:00 a.m., 13 views

Bbsxp 2007 [previous versions unknown]: an interesting vulnerability

| cpmpact. asp % option explicit Const JET3X = 4 if ""&Request"sessionid"&""""&session. sessionid&"" then error"validation code error" Dim dbpath,boolIs97 dbpath = Request"dbpath" boolIs97 = Request"boolIs97" If dbpath "" Then dbpath = server. mappathdbpath response. writeCompactDBdbpath,boolIs97...

AI score 7.3, Exploits 0

Packet Storm
added 2006/06/26 12:00 a.m., 20 views

FSA-018.txt

----------------------------------------------------- Advisory id: FSA:018 Author: Federico Fazzi Date: 15/06/2006, 23:36 Sinthesis: Calendarix 0.7.20060401, SQL Injection Vulnerabilities Type: low Product: http://www.calendarix.com/ Patch: unavailable...

AI score 7.4, Exploits 0