216 matches found
LBPair swap() can be front-runned, a malicious attacker can call swap with higher gas than a user, getting the user swap amount transferred to the attacker address
Lines of code Vulnerability details Impact In the LBPair.sol contract, when a user calls swap after transferring tokens to the Pair, a malicious attacker can front-run that tx then call swap on the same pair with the parameter to changed to an malicious address of his choice, paying a higher gass...
Users can regain gobblers they use to mint Legendary Gobbler with.
Lines of code Vulnerability details Impact Users can mint legendary gobblers without actually burning their gobblers by using the GobblersERC721.approve function to approve themselves before minting their legendary gobbler the burn mechanism, doesn't delete the getApproved approved entry for that...
PT-2022-23487 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.97 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities are located at the /dede/co do.php endpoint via the dopost, rpok, and aid parameters. Recommendations: For DedeCMS...
CVE-2021-4159
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...
CVE-2021-4159
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...
PT-2022-15845 · Tcl · Tcl Linkhub Mesh Wi-Fi
Name of the Vulnerable Software and Affected Versions: TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14 Description: A stack-based buffer overflow issue exists in the confsrv confctl set app language functionality. This can be triggered by a specially-crafted network packet, leading to a stack-based buffe...
Copyright Proof <= 4.16 - Reflected Cross-Site-Scripting
The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled. To make it easier to verify the vulnerability without the nee...
CVE-2022-24903
CVE-2022-24903 affects rsyslog TCP syslog reception modules, where heap-based overflow can occur when octet-counted framing is enabled. The root cause is that during parsing the octet count, digits are written to a heap buffer even if the count exceeds the maximum, allowing memory overrun; once t...
U.S. Cybersecurity Agency Lists 2021's Top 15 Most Exploited Software Vulnerabilities
Log4Shell, ProxyShell, ProxyLogon, ZeroLogon, and flaws in Zoho ManageEngine AD SelfService Plus, Atlassian Confluence, and VMware vSphere Client emerged as some of the top exploited security vulnerabilities in 2021. That's according to a "Top Routinely Exploited Vulnerabilities" report released ...
Slackware: Security Advisory (SSA:2021-143-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux kernel information disclosure vulnerability (CNVD-2022-13356)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an information disclosure vulnerability that stems from a vulnerability found in the Linux kernel's eBPF validation program when dealing with...
Memory corruption
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...
CVE-2022-0264
CVE-2022-0264 : The Linux kernel eBPF verifier has a vulnerability in how it handles internal data structures, allowing leakage of internal kernel memory to userspace when eBPF code is inserted into the kernel. A local attacker with insertion privileges could exploit this to access kernel memory ...
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (2021:3807)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:3807-1 advisory. - 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed CVE-2021-3652 Note that Nessus has not tested for this issue but has...
MSHTML attack targets Russian state rocket centre and interior ministry
Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities. The Malwarebytes Intelligence team has intercepted email attachments that are specifically targeting Russian organizations. The first template we found is designe...
ROS-2-1589
2.1589 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-1754
2.1754 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...
ROS-2-1618
2.1618 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-2053
2.2053 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1820
2.1820 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...