24 matches found
EUVD-2019-4574
Malware in sbrugna...
EUVD-2018-4045
Malware in sbrugna...
EUVD-2024-32527
Malicious code in bioql PyPI...
EUVD-2025-6747
Malicious code in bioql PyPI...
IBM OpenPages with Watson 安全漏洞
IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines IBM. The platform is based on AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring,...
CVE-2023-36817
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2024-10275
In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct permissions to access billing resources, can change the permissions of existing users to include billing permissions. This can lead to a privilege escalation scenario where an administrator can manag...
CVE-2024-10275
In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct permissions to access billing resources, can change the permissions of existing users to include billing permissions. This can lead to a privilege escalation scenario where an administrator can manag...
CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...
InterestRate can be changed during close market.
Lines of code Vulnerability details Summary After closing market, the borrower can set the interest rate. Impact Breaking calculations, loss of funds. Vulnerability Details After borrower closed the market, he can set interest rate, this means remaining totalSupply still earn interest while it...
Since the build function in 'Vault721' allows anyone to deploy a new ODProxy for any user without proper checks, it creates a potential exploit.
Lines of code Vulnerability details Impact The ability to freely deploy ODProxy contracts through the Vault721 contract's build function represents a significant security vulnerability. Exploitation of this vulnerability could lead to: Unauthorized Actions: Malicious actors could deploy proxies f...
Calculation Errors in calculateAndSendFee Function of OptionsPositionManager Contract
Lines of code Vulnerability details Bug Description In the OptionsPositionManager contract, specifically in the calculateAndSendFee function lines 365 to 367, there are several mathematical errors that impact the accuracy of the feeAmount result. These errors can lead to incorrect fee calculation...
Unpacking the "0x1626ba7e" Mystery: The Risks of Unidentified Fixed Values in Smart Contracts - loss of funds
Lines of code Vulnerability details Impact The use of a fixed value in the require statement without understanding its significance creates a security vulnerability in the contract. An attacker could manipulate the returned value to bypass the require statement and execute malicious code. This ca...
IBM OpenPages with Watson Arbitrary Code Execution Vulnerability
IBM OpenPages with Watson is an AI-driven solution for financial risk analysis. The platform is based on AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through step...
OpenPages GRC Platform Cross-Site Scripting Vulnerability (CNVD-2021-34717)
OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...
Home-Office Photos: A Ripe Cyberattack Vector
That photo that appears when someone disables his or her Zoom video, or those photos of a remote worker’s home office shared on Instagram may seem innocuous and playful. However, they could become ammunition for threat actors to launch targeted scams and put personal and critical data at risk, a...
Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact
GDPR, HIPAA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of customer or employee personal information, they must report it within the required time frame. The size and scope of this reporting effort can be massiv...
Understanding the Payload-Less Email Attacks Evading Your Security Team
The traditional image of a successful email attack is that of a naive employee clicking the link in a crudely crafted spam email bent on phishing. But times have changed, and employees are much more security-educated than they used to be. So, today’s threat actors are creating increasingly...
Infonomics-based Model Teaches CISOs how to Assess their Data’s Financial Risk, Invest Properly in Data Security
Here’s what I consider the biggest contradiction in cybersecurity: the most-financially-damaging, reputation-destroying security incidents almost always involves the theft of millions of database records. Yet, data security is one of the smallest line items in a security budget. Consider that tot...
CVE-2018-12068
The sell function of a smart contract implementation for Target Coin TGT, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka...