CVE-2022-22018

HEVC Video Extensions Remote Code Execution Vulnerability...

UNISWAP_FEE is hardcoded which will lead to significant losses compared to optimal routing

Lines of code Vulnerability details Impact In YieldManager, UNISWAPFEE is hardcoded, which reduce significantly the possibilities and will lead to non optimal routes. In particular, all swaps using ETH path will use the wrong pool as it will use the ETH / USDC 1% one due to this line. Proof of...

[SECURITY] Fedora 36 Update: zchunk-1.2.2-1.fc36

zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file...

[SECURITY] Fedora 35 Update: zchunk-1.2.2-1.fc35

zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file...

[SECURITY] Fedora 34 Update: httpd-2.4.53-1.fc34

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Option create can be denied

Lines of code Vulnerability details Proof of Concept A griefer can frontrun the createOption from a user and user's tx will revert. This line will revert because of this Recommended Mitigation Steps One gas efficient way to prevent this is to mix msg.sender into salt. --- The text was updated...

[SECURITY] Fedora 35 Update: nodejs-16.14.0-2.fc35

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

[SECURITY] Fedora 35 Update: protobuf-3.14.0-7.fc35

Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. Google uses Protocol Buffers for almost all of its internal RPC protocols and file formats. Protocol buffers are a flexible, efficient, automated mechanism for serializing structured data...

[SECURITY] Fedora 34 Update: trojita-0.7.0.1-0.13.20220117git266c757.fc34

Trojit=EF=BF=BD=EF=BF=BD is a IMAP e-mail client which: Enables you to access your mail anytime, anywhere. Does not slow you down. If we can improve the productivity of an e-mail user, we better do. Respects open standards and facilitates modern technologies. We value the vendor-neutrality that...

[SECURITY] Fedora 35 Update: python-pillow-8.3.2-2.fc35

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

GHSA-FJ2W-WFGV-MWQ6 Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

[SECURITY] Fedora 35 Update: nodejs-16.13.2-1.fc35

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

Workshop: Building Modern Applications with DevOps Security

In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...

Unsafe uint64 casting may overflow

Handle sirhashalot Vulnerability details Impact The calculateRewardAmount function casts epoch timestamps from uint256 to uint64 and these may overflow. The epochStartTimestamp value is a function of the user-supplied epochId value, which could be extremely large up to 2255 – 1. While Solidity...

Kunyu - More Efficient Corporate Asset Collection

Kunyu, More Efficient Corporate Asset Collection 0x00 Introduce Tool introduction Kunyu kunyu, whose name is taken from , is actually a professional subject related to geographic information, which counts the geographic information of the sea, land, and sky. The same applies to cyberspace. The sa...

[SECURITY] Fedora 35 Update: nodejs-16.11.1-1.fc35

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

[SECURITY] Fedora 34 Update: nodejs-14.18.1-1.fc34

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

[SECURITY] Fedora 33 Update: httpd-2.4.51-1.fc33

The Apache HTTP Server is a powerful, efficient, and extensible web server...

[SECURITY] Fedora 35 Update: httpd-2.4.51-2.fc35

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Minimize SecOps Risk with Less Tools and More Security

Security leaders are seeking new ways to minimize SecOps security monitoring tools while increasing efficiency for SecOps teams. Read this article to learn more...