Improper Authorization
Evmos is vulnerable to Improper Authorization. The vulnerability is due to allowing a user to create a validator using vested tokens to deposit the self-bond...
CVE-2024-37159 Evmos is missing create validator check
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. This vulnerability allowed a user to create a validator using vested tokens to deposit the self-bond. This vulnerability is fixed in 18.0.0...
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups
A double-free flaw was found in the Linux kernel ConnectX-4 and Connect-IB cards in the Mellanox driver. This issue could allow a local user to crash the system...
Fedora: Security Advisory for rust-uu_link (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the...
GHSA-PXV8-QHRH-JC7V evmos allows transferring unvested tokens after delegations
Impact: This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation: The spendable balance is not updated properly when delegating vested tokens. The following example helps in describing the...
evmos allows transferring unvested tokens after delegations
Impact: This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation: The spendable balance is not updated properly when delegating vested tokens. The following example helps in describing the...
[SECURITY] Fedora 39 Update: rust-uu_mkdir-0.0.23-3.fc39
mkdir uutils create DIRECTORY...
yankeespirits.com Cross Site Scripting vulnerability OBB-3931753
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-35433
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user...
CVE-2024-36907
...
USN-6802-1 postgresql-14, postgresql-15, postgresql-16 vulnerability
Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An unprivileged database user can use this issue to read most common values and other statistics from CREATE STATISTICS commands of other users. NOTE: This update will...
SourceCodester Stock Management System SQL injection vulnerability
Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which stems from a SQL injection caused by the brandName parameter of the file createBrand.php...
PT-2024-36486 · Unknown · Sourcecodester Stock Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Stock Management System version 1.0 Description: A critical issue was found in the SourceCodester Stock Management System, affecting an unknown function of the file createBrand.php. The manipulation of the brandName argument...
The vulnerability of the tegra_fb_create() function in the Tegra DRM kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tegra_fb_create() function in the drivers/gpu/drm/tegra/fb.c file of the Tegra DRM driver for the Linux operating system is related to improper manipulation of the reference counter for resources. Exploiting this vulnerability could allow an attacker to cause a service failur...
SUSE CVE-2023-52809
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup(). fc_lport_ptp_setup() did not check the return value of fc_rport_create(), which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...
SUSE CVE-2021-47320
In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posix_acl_create(). When looking into another nfs xfstests report, I found acl and default_acl in nfs3_proc_create() and nfs3_proc_mknod() error paths are possibly leaked. Fix them in advance...
vantage6 collaboration admins can extend their influence by expanding the collaboration
Impact Collaboration administrators can add extra organizations to their collaboration. When doing that, they extend their influence: for instance, for organizations that they include, they can then create new users for which they know the passwords, and use that to read task results of other...
kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...
DEBIAN-CVE-2021-47481
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR. Normally the zero fill would hide the missing initialization, but an errant set to desc_size in reg_create() causes a crash: BUG: unable to handle page fault for address:...