Lucene search
K

347 matches found

OSV
OSV
added 2021/11/25 12:0 a.m.2 views

UBUNTU-CVE-2021-4001

A race condition was found in the Linux kernel's ebpf verifier between bpfmapupdateelem and bpfmapfreeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege capsysadmin or capbpf can modify the frozen mapped address space. This flaw affects kernel...

4.1CVSS6.6AI score0.00186EPSS
Exploits0References7
Code423n4
Code423n4
added 2021/11/11 12:0 a.m.10 views

Funds in FSDVesting.sol can be frozen by the attacker

Handle WatchPug Vulnerability details In the current implementation, anyone can call function updateVestedTokens to add an arbitrary amount to the beneficiary's vesting amount without sending any of it. This allows the attacker to make the amount typeuint256.max and call to claimVestedTokens will...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.9 views

Permissioned nature of TwapOracle allows owner to manipulate oracle

Handle TomFrench Vulnerability details Impact Potentially frozen or purposefully inaccurate USDV:VADER price feed. Proof of Concept Only the owner of TwapOracle can call update on the oracle. Should the owner desire they could cease calling update on the oracle for a period. Over this period the...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/11/09 12:0 a.m.12 views

PT-2021-7382 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16 rc2 Description: A race condition was found in the Linux kernel's ebpf verifier between bpf map update elem and bpf map freeze due to a missing lock in kernel/bpf/syscall.c. This issue allows a local user...

9.8CVSS7.3AI score0.89063EPSS
Exploits330References1321
Kitploit
Kitploit
added 2021/07/09 9:30 p.m.54 views

Security Scorecards - Security Health Metrics For Open Source

Security Health Metrics For Open Source Motivation A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk "You passed! All D's ... and an A!" Goals 1. Automate analysis and trust decisions on the security posture of open source projects. 2. Use this data to proactively improv...

7.4AI score
Exploits0References19
The Hacker News
The Hacker News
added 2021/07/02 9:44 a.m.43 views

New Google Scorecards Tool Scans Open-Source Software for More Security Risks

Google has launched an updated version of Scorecards, its automated security tool that produces a "risk score" for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis. "With so much software today relying on open-source...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2020:14551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.7AI score0.02323EPSS
Exploits0References5
Krebs on Security
Krebs on Security
added 2021/02/19 4:25 p.m.48 views

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexicos Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexicos top tourist destinations over the past five years. The scandal is the latest fallo...

6.8AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2019/07/30 12:0 a.m.196 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1815-1 Rating: important References: 1120892 1141102 1141649 Cross-References: CVE-2018-20073 CVE-2019-5847 CVE-2019-5848 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUS...

6.5CVSS6.7AI score0.0085EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/07/29 4:45 p.m.7 views

chromium-browser: V8 sealed/frozen elements cause crash

Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.4AI score0.0085EPSS
Exploits0References5
OSV
OSV
added 2019/05/23 12:0 a.m.7 views

UBUNTU-CVE-2018-15664

In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operatio...

7.5CVSS7.2AI score0.03398EPSS
Exploits2References4
Malwarebytes
Malwarebytes
added 2019/04/29 3:54 p.m.59 views

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are...

0.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/09/11 7:0 a.m.61 views

Description of the security update for Excel 2016: September 11, 2018

None None...

5.5CVSS6.5AI score0.12255EPSS
Exploits0
OSV
OSV
added 2018/06/12 2:29 p.m.5 views

UBUNTU-CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

7.5CVSS7.1AI score0.01552EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2018/01/26 8:8 a.m.166 views

Someone Stole Almost Half a BILLION Dollars from Japanese Cryptocurrency Exchange

Coincheck, a Tokyo-based cryptocurrency exchange, has suffered what appears to be the biggest hack in the history of cryptocurrencies, losing $532 million in digital assets nearly $420 million in NEM tokens and $112 in Ripples. In 2014, Mt Gox, one of the largest bitcoin exchange at that time,...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/11/07 7:38 p.m.9 views

Oh, Crap! Someone Accidentally Triggered A Flaw That Locked Up $280 Million In Ethereum

Horrible news for some Ethereum users. About $300 million worth of Ether—the cryptocurrency unit that has become one of the most popular and increasingly valuable cryptocurrencies—from dozens of Ethereum wallets was permanently locked up today. Smart contract coding startup Parity Technologies,...

7.1AI score
Exploits0
myhack58
myhack58
added 2016/11/11 12:0 a.m.20 views

Chrome memory the bug be exploited by hackers: Google has yet to fix-vulnerability warning-the black bar safety net

According to foreign media reports, recently the IT security and protection company Sophos announced that the Chrome browser there is a Bug currently has hackers use. Worse, Google two years ago are aware of this Bug, but until today not yet repaired. ! Chrome memory the bug be exploited by...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2016/07/28 9:27 p.m.13 views

Brazil Freezes $11.7 Million of Facebook Funds for Not Complying with Court Orders

Facebook's legal war with Brazilian government seems to be never-ending. Facebook-owned cross-platform messaging service WhatsApp has already been blocked a total of three times in Brazil since December for failing to comply with a court order asking the company to access WhatsApp data under...

6.6AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:10 a.m.13 views

1941 Frozen Front - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application 1941 Frozen Front published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:48 a.m.7 views

Hidden Mahjong: Frozen - Base64 encoded String, Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Hidden Mahjong: Frozen published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder