Lucene search
+L

40 matches found

Code423n4
Code423n4
added 2023/12/08 12:0 a.m.18 views

High risk in integrating Ocean with Curve TriCrypto pool on Arbitrum

Lines of code Vulnerability details Impact The Curve TriCrypto adapter contract enables swapping, adding liquidity, and removing liquidity for the USDT-WBTC-ETH pool on Arbitrum. However, this pool has been flagged for potential exploit risks. Curve Finance issued a warning: This pool might be at...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.9 views

PT-2023-30529 · Datahub · Datahub

Name of the Vulnerable Software and Affected Versions: DataHub versions prior to 0.11.1 Description: The issue concerns the use of a SHA-1 HMAC with a short key length for signing session tokens in DataHub Frontend, making it vulnerable to brute force attacks by sufficiently resourced actors. An...

8.8CVSS8.3AI score0.00363EPSS
Exploits0References3
Amazon
Amazon
added 2023/10/03 12:0 a.m.12 views

Important: glibc

Issue Overview: A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function...

7.8CVSS7.7AI score0.81422EPSS
Exploits29
CISA
CISA
added 2023/09/11 12:0 p.m.18 views

CISA Adds Two Known Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-41064 Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow CVE-2023-41061 Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability These types of...

7.8CVSS7.3AI score0.15263EPSS
In wildExploits2References7
Tenable Nessus
Tenable Nessus
added 2022/11/17 12:0 a.m.25 views

Debian DSA-5282-1 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5282 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information...

9.8CVSS7.8AI score0.01061EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.5 views

PT-2022-22565 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A heap-buffer overflow issue was discovered in SWFTools via the draw stroke function at /gfxpoly/stroke.c. This issue can potentially be exploited. No information is available about the...

5.5CVSS5.5AI score0.00402EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2018/08/13 12:0 a.m.33 views

PostgreSQL Multiple Vulnerabilities (Aug 2018) - Windows

PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...

8.1CVSS7.7AI score0.02241EPSS
Exploits0References5
Hacker One
Hacker One
added 2016/08/07 12:53 p.m.23 views

SecNews: Querying private posts and changing post meta

Summary --- Unauthenticated user can run arbitrary post queries and insert arbitrary numeric post meta via vulnerable /wp-content/themes/SecNews-NewCustom/functions/ajax.php file. I'm including two exploits in one report because the fix for both is the same, i.e. delete ajax.php. Run arbitrary po...

Exploits0
myhack58
myhack58
added 2016/03/23 12:0 a.m.17 views

Google emergency release patches, to fix the Android system is high-risk to mention the right Vulnerability, CVE-2 0 1 5-1 8 0 5-the vulnerability warning-the black bar safety net

Google released emergency security patches to fix the impact of the Android operating system elevation of privilege vulnerability CVE-2 0 1 5-1 8 0 5 in. Affect all Nexus devices and part of Android Google has released an emergency security patch to fix the impact of the Android operating...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/15 12:0 a.m.27 views

phpMyAdmin 2.x - 'db_create.php?db' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could exploit these vulnerabilities to vi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/12/15 12:0 a.m.11 views

TML 0.5 - index.php?form Cross-Site Scripting

TML 0.5 - index.php?form Cross-Site Scripting source: https://www.securityfocus.com/bid/15876/info TML CMS is prone to multiple input validation vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, t...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2005/04/20 12:0 a.m.12 views

DUportal Pro 3.4 - search.asp?iChannel SQL Injection

DUportal Pro 3.4 - search.asp?iChannel SQL Injection source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit cou...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.30 views

Debian DSA-382-3 : ssh - possible remote vulnerability

A bug has been found in OpenSSH's buffer handling where a buffer could be marked as grown when the actual reallocation failed. DSA-382-2: This advisory is an addition to the earlier DSA-382-1 advisory: two more buffer handling problems have been found in addition to the one described in DSA-382-1...

10CVSS7.6AI score0.09893EPSS
Exploits2References4
exploitpack
exploitpack
added 2004/09/28 12:0 a.m.10 views

WordPress 1.2 - edit.php?s Cross-Site Scripting

WordPress 1.2 - edit.php?s Cross-Site Scripting source: https://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2004/03/31 12:0 a.m.44 views

clamd - NEVER use "%f" in your "VirusEvent"

date: 30 March 2004 product: clam antivirus author: l0om - l0omatexcluded.org - www.excluded.org clam antivirus is a antivirus program which works very well. it comes with a lot of features and its easy to handle. for normal you start it from the command line on demand but if you use the the dazu...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2004/01/06 12:0 a.m.15 views

Edimax AR-6004 ADSL Router - Management Interface Cross-Site Scripting

Edimax AR-6004 ADSL Router - Management Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/9374/info Edimax AR-6004 ADSL Routers are prone to cross-site scripting attacks via the web management interface of affected devices. An attacker could exploit this issue by enticing a...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2003/06/09 12:0 a.m.1427 views

[SmartFTP] Two Buffer Overflow Vulnerabilities

---------------------------------------------------------------------- SUMMARY : SmartFTP Two Buffer Overflow Vulnerabilities PRODUCT : SmartFTP VERSIONS : 1.0.973 VENDOR : SmartFTP http://www.smartftp.com/ SEVERITY : Critical. Code Execution. DISCOVERED BY : nesumin AUTHOR : :: Operash :: REPORT...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/06/05 12:0 a.m.24 views

Locally exploitable races in OpenBSD VFS

my apologies if it ends up submitted twice Let's start with the trivial: good old aliasing bugs. Example 1: dup2 vs. close. Relevant file: kern/kerndescrip.c sysdup2p, v, retval struct proc p; void v; registert retval; snip if uintold = fdp-fdnfiles || fdp-fdofilesold == NULL || uintnew =...

7.4AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.8 views

CVE-2025-0654

...

Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.11 views

CVE-2018-4618

...

Exploits0
Rows per page
Query Builder