6041 matches found

Veracode
added 2024/06/18 8:26 a.m., 12 views

Improper Authorization

Evmos is vulnerable to Improper Authorization. The vulnerability is due to allowing a user to create a validator using vested tokens to deposit the self-bond...

CVSS 6.5 | AI score 6.6 | EPSS 0.00313
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2024/06/17 2:3 p.m., 16 views

CVE-2024-37159 Evmos is missing create validator check

Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. This vulnerability allowed a user to create a validator using vested tokens to deposit the self-bond. This vulnerability is fixed in 18.0.0...

CVSS 3.5 | AI score 6.8 | EPSS 0.00313
Exploits: 0 | References: 2
RedHat Linux
added 2024/06/12 1:43 a.m., 5 views

kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups

A double-free flaw was found in the Linux kernel ConnectX-4 and Connect-IB cards in the Mellanox driver. This issue could allow a local user to crash the system...

CVSS 7.8 | AI score 6.8 | EPSS 0.00269
Exploits: 0 | References: 5
OpenVAS
added 2024/06/07 12:0 a.m., 5 views

Fedora: Security Advisory for rust-uu_link (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0 | References: 2
OSV
added 2024/06/06 6:21 p.m., 11 views

GHSA-PXV8-QHRH-JC7V evmos allows transferring unvested tokens after delegations

Impact: This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation: The spendable balance is not updated properly when delegating vested tokens. The following example helps in describing the...

CVSS 3.5 | AI score 5.7 | EPSS 0.0044
Exploits: 0 | References: 7
Github Security Blog
added 2024/06/06 6:21 p.m., 20 views

evmos allows transferring unvested tokens after delegations

Impact: This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation: The spendable balance is not updated properly when delegating vested tokens. The following example helps in describing the...

CVSS 4.3 | AI score 4.3 | EPSS 0.00384
Exploits: 0 | References: 7 | Affected Software: 12
Fedora
added 2024/06/02 3:39 a.m., 13 views

[SECURITY] Fedora 39 Update: rust-uu_mkdir-0.0.23-3.fc39

mkdir uutils create DIRECTORY...

AI score 7.3
Exploits: 0
Openbugbounty
added 2024/05/30 6:38 p.m., 5 views

yankeespirits.com Cross Site Scripting vulnerability OBB-3931753

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0
OSV
added 2024/05/30 6:15 p.m., 2 views

CVE-2024-35433

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user...

CVSS 8.1 | AI score 5.8 | EPSS 0.00461
Exploits: 1 | References: 1
Cvelist
added 2024/05/30 3:29 p.m., 29 views

CVE-2024-36907

...

AI score 6.3
Exploits: 0
OSV
added 2024/05/30 11:59 a.m., 6 views

USN-6802-1 postgresql-14, postgresql-15, postgresql-16 vulnerability

Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An unprivileged database user can use this issue to read most common values and other statistics from CREATE STATISTICS commands of other users. NOTE: This update will...

CVSS 4.3 | AI score 7 | EPSS 0.00722
Exploits: 0 | References: 2
CNNVD
added 2024/05/30 12:0 a.m., 3 views

SourceCodester Stock Management System SQL injection vulnerability

Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which stems from a SQL injection caused by the brandName parameter of the file createBrand.php...

CVSS 9.8 | AI score 7.1 | EPSS 0.00637
Exploits: 1 | References: 5
Positive Technologies
added 2024/05/30 12:0 a.m., 4 views

PT-2024-36486 · Unknown · Sourcecodester Stock Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Stock Management System version 1.0 Description: A critical issue was found in the SourceCodester Stock Management System, affecting an unknown function of the file createBrand.php. The manipulation of the brandName argument...

CVSS 9.8 | AI score 7.5 | EPSS 0.00637
Exploits: 1 | References: 7
BDU FSTEC
added 2024/05/30 12:0 a.m., 4 views

The vulnerability of the tegra_fb_create() function in the Tegra DRM kernel of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the tegra_fb_create() function in the drivers/gpu/drm/tegra/fb.c file of the Tegra DRM driver for the Linux operating system is related to improper manipulation of the reference counter for resources. Exploiting this vulnerability could allow an attacker to cause a service failur...

CVSS 5.6 | AI score 5.5
Exploits: 0 | References: 3 | Affected Software: 1
SUSE CVE
added 2024/05/29 10:0 a.m., 3 views

SUSE CVE-2023-52809

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup(). fc_lport_ptp_setup() did not check the return value of fc_rport_create(), which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

CVSS 5.5 | AI score 6.5 | EPSS 0.00251
Exploits: 0 | References: 17
SUSE CVE
added 2024/05/23 3:4 a.m., 3 views

SUSE CVE-2021-47320

In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posix_acl_create(). When looking into another nfs xfstests report, I found acl and default_acl in nfs3_proc_create() and nfs3_proc_mknod() error paths are possibly leaked. Fix them in advance...

CVSS 4.4 | AI score 7.9 | EPSS 0.00259
Exploits: 0 | References: 9
Github Security Blog
added 2024/05/22 3:49 p.m., 21 views

vantage6 collaboration admins can extend their influence by expanding the collaboration

Impact: Collaboration administrators can add extra organizations to their collaboration. When doing that, they extend their influence: for instance, for organizations that they include, they can then create new users for which they know the passwords, and use that to read task results of other...

CVSS 2.7 | AI score 7 | EPSS 0.00316
Exploits: 0 | References: 4 | Affected Software: 1
RedHat Linux
added 2024/05/22 10:16 a.m., 3 views

kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()

A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...

CVSS 7.5 | AI score 6.8 | EPSS 0.0042
Exploits: 0 | References: 4
RedHat Linux
added 2024/05/22 10:3 a.m., 7 views

kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()

A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...

CVSS 7.5 | AI score 6.8 | EPSS 0.0042
Exploits: 0 | References: 4
OSV
added 2024/05/22 9:15 a.m., 1 view

DEBIAN-CVE-2021-47481

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR. Normally the zero fill would hide the missing initialization, but an errant set to desc_size in reg_create() causes a crash: BUG: unable to handle page fault for address:...

CVSS 5.5 | AI score 5 | EPSS 0.0018
Exploits: 0 | References: 1