220 matches found
PT-2023-35709 · Git +1 · Mruby
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 1 crash type. The crash state involves several function calls, including mrb str hash m, mrb funcall...
PT-2023-35702 · Git +1 · Flac
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow write error. Technical details include the crash type being a Heap-buffer-overflow WRITE 4, and the crash...
PT-2023-35697 · Git +1 · Mruby
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 4 crash type. The crash state involves several function calls, including mrb gc mark, mrb gc mark iv,...
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
Overview pgivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pgivm contains multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2023-228...
XWiki Platform 安全漏洞
XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in XWiki Platform that originates from a user being able to infer the contents of a password field through repeated function calls...
Upgraded Q -> 2 from #795 [1677634099280]
Judge has assessed an item in Issue 795 as 2 risk. The relevant finding follows: 04 VALUES OF fees ARE NOT CHECKED IN Vault.initialize FUNCTION When calling the following Vault.initialize function, the values of fees are not checked. It is possible that these fees are set to be above 1e18 when...
PT-2023-35600 · Git +1 · Mruby
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 4 crash type. The crash state involves several function calls, including mrb gc mark, mrb gc mark iv,...
Upgraded Q -> 2 from #596 [1677228840417]
Judge has assessed an item in Issue 596 as 2 risk. The relevant finding follows: withdraw and redeem function withdraw IERC4626 vault, address to, uint256 amount, uint256 maxSharesOut public payable virtual override returns uint256 sharesOut ERC20addressvault.safeApproveaddressvault, amount; if...
SUSE CVE-2013-1711
The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting XSS attack...
SUSE CVE-2021-38297
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used...
DotDumper - An Automatic Unpacker And Logger For DotNet Framework Targeting Files
An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022. The automatic detection and classification of any given file in a reliable manner is often considered the holy grail of malware analysis. The trials and tribulations to get...
ContentStudio < 1.2.6 - Unauthorised Function Calls
The plugin does not have authorisation checks in various functions, which could allow unauthenticated users to retrieve arbitrary metadata, including the plugin's token used in other actions like when creating a post...
CVE-2022-43438
The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access restrictions, to make API functions calls, manipulate system and terminate service...
CVE-2022-45891
Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads Upload2.ashx or access content uploaded by other users View.aspx after Ajax.asmx/SaveGrantAccessList...
A BETTER APPROACH TO REVERTING CODE LINES ON _ADDCOLLATERALTOVAULT() AND _REMOVECOLLATERAL()
Lines of code Vulnerability details Impact In PaperControl.sol, callers would have to deal with function pre-maturely reverting upon encountering an element in collateralArr failing to pass the if statement in the function logic of addCollateralToVault and removeCollateral. The amount of gas wast...
GHSA-VR8J-HGMM-JH9R Denial of service by double-checked locking in openssl-src
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems most widely: Windows this results in a denial of service when the affected process hangs. Policy processing being enabled o...
PT-2022-25826 · Unknown · Qmpass/Leadshop
Name of the Vulnerable Software and Affected Versions: qmpass/leadshop version 1.4.15 Description: The issue allows an attacker to control the target host by calling any function in leadshop.php via the GET method, potentially leading to remote code execution RCE. This can enable an attacker to...
The vulnerabilities of Firefox browsers, Firefox ESR, and the email client Thunderbird, related to information representation errors in the user interface, allow attackers to perform spear-phishing attacks.
The vulnerabilities of Firefox browsers, Firefox ESR, and the email client Thunderbird are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks by making a series of pop-up windows and calls to...
Governor ownership can be lost because of not sanity check
Lines of code Vulnerability details Governor ownership can be lost because of no checks Impact Sanity checks are important to not affect reputation / flows and users of the protocol when a mistake is done. 0 address should be checked for important address assignments in this case, only done in th...
PT-2022-36696 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several function calls, including fp cmp mag, crtmgr trust list lookup, an...