Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2025/05/01 12:0 a.m.14 views

PatchFuzz: Patch Fuzzing for JavaScript Engines

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have been limited to using ordinary test cases or publicly...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/28 1:47 p.m.3 views

CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment scheme...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.6 views

Lack of input validation to check whether the tokenId of the NFT exists or not - this lead to misallocation of fee earned

Lines of code Vulnerability details Impact In the distributeFees function, there is no input validation to check whether the tokenId of the NFT exists or not. If a caller inputs tokenId that does not exist, the fee earned will be added to the balance of tokenId that does not exist. Although this...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/26 12:0 a.m.9 views

Yield of LiquidityReserve can be stolen

Lines of code Vulnerability details Impact Using sandwich attacks and JIT Just-in-time liquidity, the yield of LiquidityReserve could be extracted for liquidity providers. Proof of Concept The yield of LiquidityReserve is distributed when a user calls instantUnstakeReserve in Staking. Then, in...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/27 12:0 a.m.14 views

User rewards stop accruing after any _writeCheckpoint calling action

Lines of code Vulnerability details Any user balance affecting action, i.e. deposit, withdraw/withdrawToken or getReward, calls writeCheckpoint to update the balance records used for the earned reward estimation. The issue is that writeCheckpoint always sets false to voted flag for the each new...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/29 1:58 p.m.6 views

youve-earned-it.co.za Cross Site Scripting vulnerability OBB-1372445

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/12/17 8:0 a.m.126 views

Description of the security update for SharePoint Server 2019: November 12, 2019

Description of the security update for SharePoint Server 2019: November 12, 2019 Summary This security update resolves an information disclosure vulnerability that exists in Microsoft SharePoint if an attacker uploads a specially crafted file to the SharePoint Server. To learn more about the...

6.5CVSS5.9AI score0.0537EPSS
Exploits0
Rows per page
Query Builder