Lucene search

30 matches found

GithubExploit
added 2026/03/01 2:23 p.m., 102 views

IoT-MQTT-Lab

No d...

AI score: 5.9
Exploits: 0

Cvelist
added 2026/02/10 3:39 p.m., 22 views

CVE-2025-68686

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypas...

CVSS: 5.9, EPSS: 0.00032
Exploits: 1, References: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-12684

Malware in sbrugna...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00218
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-2523

Malicious code in bioql PyPI...

CVSS: 5.3, AI score: 6.6, EPSS: 0.04575
Exploits: 0, References: 6

RedhatCVE
added 2025/05/22 4:53 p.m., 5 views

CVE-2020-9110

Taurus-AN00B versions earlier than 10.1.0.156C00E155R7P2 have an information disclosure vulnerability. The device does not sufficiently validate the output of device in certain specific scenario, the attacker can gain information in the victim's smartphone to launch the attack, successful exploit...

CVSS: 4.6, AI score: 6.6, EPSS: 0.0003
Exploits: 0, References: 1

Debian CVE
added 2024/07/12 12:31 p.m., 18 views

CVE-2024-40955

In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-out-of-bounds in ext4_mb_find_good_group_avg_frag_lists() We can trigger a slab-out-of-bounds with the following commands: mkfs.ext4 -F /dev/$disk 10G mount /dev/$disk /tmp/test echo 2147483647...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00018
Exploits: 0

Code423n4
added 2023/11/10 12:0 a.m., 12 views

A malicious contributor can increase voting power maliciously and eventually steal funds!

Lines of code Vulnerability details Impact Unlimited voting power for attacker and stealing of funds ! Proof of Concept All of the contribute functions uses msg.value to calculate the votingpower . For example , contribute function looks like this : function contribute uint256 tokenId, address...

AI score: 7.1
Exploits: 0

Vulnrichment
added 2023/01/12 12:0 a.m., 9 views

CVE-2022-3514

An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in the...

CVSS: 4.3, AI score: 6.8, EPSS: 0.00338
Exploits: 0, References: 3

Code423n4
added 2022/12/16 12:0 a.m., 10 views

Malicious drawingToken can make bad actor claim the raffle NFT

Lines of code Vulnerability details Description Malicious drawingToken address passed into factory.makeNewDraw can claim the raffle NFT. It can be exploited via a social engineering attack or another scenario is that a malicious owner can pretend to make a raffle with a malicious drawingToken and...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/07/14 12:0 a.m., 9 views

It is possible to burn someone's vault tokens

Lines of code Vulnerability details Impact It is possible to burn someone's vault tokens. Exploit Scenario Let's say Alice and Bob have some vault tokens. For some reason, Bob didn't grab an ice-cream for Alice, therefore Alice wanted to revenge for that. So she decided to burn Bob's vault tokens...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/01/30 12:0 a.m., 6 views

Malicious Users Can Transfer Vault Collateral To Other Accounts To Extract Additional Yield From The Protocol

Handle leastwood Vulnerability details Impact ConvexYieldWrapper.sol is a wrapper contract for staking convex tokens on the user's behalf, allowing them to earn rewards on their deposit. Users will interact with the Ladle.sol contract's batch function which: Approves Ladle to move the tokens...

AI score: 6.8
Exploits: 0

Code423n4
added 2021/12/19 12:0 a.m., 10 views

Dishonest Stakers Can Siphon Rewards From xToken Holders Through The deposit Function In NFTXInventoryStaking

Handle leastwood Vulnerability details Impact xTokens is intended to be a representation of staked vault tokens. As the protocol's vaults accrue fees from users, these fees are intended to be distributed to users in an inconsistent fashion. NFTXInventoryStaking is one of the ways users can stake...

AI score: 6.8
Exploits: 0

Code423n4
added 2021/06/16 12:0 a.m., 5 views

Missing Factory-only access check leads to loss of funds

Handle 0xRajeev Vulnerability details Impact The Market sponsor(address sponsorAddress, uint256 amount) function is an externally callable function that is specified to be callable only by the Factory contract during market creation, as documented in the Natspec @dev comment: "called by Factory...

AI score: 6.9
Exploits: 0

Hacker One
added 2020/06/20 4:11 p.m., 15 views

Hanno's projects: [bugs.fuzzing-project.org] HTML Injection via 'custom_field_7[]' parameter in '/view_all_set.php'

Vulnerable Website URL or Application: https://bugs.fuzzing-project.org/view_all_set.php?f=3 Description of Security Issue: By not properly cleaning the information entered in the custom_field_7 field, an attacker could send emails to company customers, pointing to a legitimate fuzzing project domain...

AI score: 6.6
Exploits: 0

Hacker One
added 2020/02/16 5:18 p.m., 84 views

Semrush: IDOR in marketing calendar tool

INTRODUCTION I used two accounts to search for this vulnerability: Id: █████ Email: ██████ Id: ███ Email: ███ IP used: 78.194.169.36 Endpoint URL: https://ec.semrush.com/api/v1/ga/userstatus/?calendarid=CALENDARID EXPLOITATION Description of Security Issue: When a marketing calendar is loaded in...

AI score: 6.5
Exploits: 0

0day.today
added 2018/07/13 12:0 a.m., 51 views

Chrome V8 KeyAccumulator Bug Exploit

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash. Chrome: V8: A bug with KeyAccumulator PoC: for let i = 0; i https://cs.chromium.org/chromium/src/v8/src/objects.cc?rcl=a2ca1996873f3ffa79d9495fb2cf4e7c0e51d9e9&l=18369. The new table is directly used as the backing store of th...

AI score: 0.5
Exploits: 0

Hacker One
added 2018/06/03 3:10 p.m., 151 views

Liberapay: Insecure Account Deletion

Hi Team, The removal of account is one of the sensitive parts of a web application that needs to protect, therefore removing an account should validate the authenticity of the user, however I have found that when removing an account, the system did not require the user to input the account passwor...

AI score: 0.6
Exploits: 0

Hacker One
added 2017/10/27 3:1 p.m., 32 views

Infogram: Password Reset Token Not Expired

Hello Team, Here in this scenario, I've found that there's a kind of server side invalidation of Password Reset tokens. Like if I've requested for password reset token token1 and I don't use it, after I will make another request for password reset token token2. This time I'll use the token2...

AI score: 6.9
Exploits: 0

Kitploit
added 2017/05/04 2:30 p.m., 69 views

mimipenguin - A Tool To Dump The Login Password From The Current Linux User

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Details Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext...

AI score: 7.4
Exploits: 0, References: 1

Hacker One
added 2017/04/11 11:51 a.m., 36 views

Skyliner: Password reset Token not expiring

Hello Team, Here in this scenario, I've found that there's a kind of server side invalidation of Password Reset tokens. Like if I've requested for password reset token token1 and I don't use it, after I will make another request for password reset token token2. This time I'll use the...

AI score: 7.2
Exploits: 0