5 matches found
Owner should be able to choose to not ignore failures in updateYieldStrategy
Handle harleythedog Vulnerability details Impact In Sherlock.sol, the function updateYieldStrategy ignores all errors when yieldStrategy.withdrawAll is called, and I believe this is an dangerous design choice. If yieldStrategy.withdrawAll reverts, then all the funds that are deposited in the yiel...
Arbitrary File Deletion Vulnerability in Apple CMS v10
Apple CMS is a well-established and powerful rapid site builder running on PHP+MYSQL environment. Apple CMS v10 background there are arbitrary file deletion vulnerability, the vulnerability stems from the $name, $force parameters are not filtered, an attacker can use the vulnerability to delete...
Fastspot BigTree CMS Security Bypass Vulnerability
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A security bypass vulnerability exists in Fastspot BigTree CMS versions 4.2.18 and earlier. An attacker can exploit this vulnerability by sending the 'force' parameter to t...
ownCloud Server Denial of Service Vulnerability (CNVD-2016-00188)
OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud, which provides file management, music storage, calendaring, etc. OwnCloud Server is a server version. A security vulnerability exists in ownCloud Server, which stems from the failure of the...
openSUSE 10 Security Update : kernel (kernel-4986)
This kernel update fixes the following security problems : - CVE-2008-0600: A local privilege escalation was found in the vmsplicepipe system call, which could be used by local attackers to gain root access. - CVE-2007-6206: Core dumps from root might be accessible to the wrong owner. And the...