Lucene search

454 matches found

Fedora
added 2022/07/17 1:16 a.m. · 22 views

[SECURITY] Fedora 35 Update: snapd-2.56.2-2.fc35

Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages...

CVSS 9.3 · AI score 2.9 · EPSS 0.00963
Exploits 3

Code423n4
added 2022/07/15 12:0 a.m. · 4 views

Functions of MarketPlace.sol will always revert

Lines of code Vulnerability details Impact Functions which call VaultTracker admin functions e.g. addNotional from MarketPlace will always revert since the admin is Creator. Proof of Concept VaultTracker.sol has an authorizedadmin modifier which only allows admin to call these functions. And the...

AI score 6.9
Exploits 0

Fedora
added 2022/07/04 1:35 a.m. · 17 views

[SECURITY] Fedora 36 Update: snapd-2.55.3-2.fc36

Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages...

CVSS 9.3 · AI score 8.2 · EPSS 0.00963
Exploits 4

Fedora
added 2022/06/30 1:20 a.m. · 70 views

[SECURITY] Fedora 36 Update: snapd-2.56.2-1.fc36

Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages...

CVSS 9.3 · AI score 7.9 · EPSS 0.00963
Exploits 4

Code423n4
added 2022/06/24 12:0 a.m. · 4 views

Basket NFT have no name and symbol

Lines of code Vulnerability details Impact The Basket contract is intended to be used behind a proxy. But the ERC721 implementation used is not upgradeable, and its constructor is called at deployment time on the implementation. So all proxies will have a void name and symbol, breaking all...

AI score 7
Exploits 0

OSV
added 2022/06/17 12:17 a.m. · 0 views

GHSA-JP3W-3Q88-34CF Miscomputation when performing AES encryption in rust-crypto

The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...

AI score 6.1
Exploits 0 · References 3

Github Security Blog
added 2022/06/17 12:17 a.m. · 25 views

Miscomputation when performing AES encryption in rust-crypto

The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...

AI score 7.3
Exploits 0 · References 3 · Affected Software 1

Github Security Blog
added 2022/06/17 12:16 a.m. · 13 views

A malicious coder can get unsound access to TCell or TLCell memory

This is impossible to do by accident, but by carefully constructing marker types to be covariant, a malicious coder can cheat the singleton check in TCellOwner and TLCellOwner, giving unsound access to cell memory. This could take the form of getting two mutable references to the same memory, or ...

AI score 3.5
Exploits 0 · References 3 · Affected Software 1

OSV
added 2022/05/19 12:0 a.m. · 27 views

GHSA-X6GM-QQWP-76GR External Control of Assumed-Immutable Web Parameter in moodle

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field...

CVSS 5.3 · AI score 6.9 · EPSS 0.00471
Exploits 0 · References 9

Github Security Blog
added 2022/05/19 12:0 a.m. · 32 views

External Control of Assumed-Immutable Web Parameter in moodle

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field...

CVSS 5.3 · AI score 7.1 · EPSS 0.00471
Exploits 0 · References 9 · Affected Software 1

Code423n4
added 2022/05/05 12:0 a.m. · 6 views

Total loss of funds on owner account compromise

Lines of code Vulnerability details Issue: The vault address may be arbitrarily updated by the owner using setVaultAddress. The owner can also call withdrawAll to move all funds to the vault. Consequence: A malicious owner or owner account compromise can siphon the entire contract's funds to an...

AI score 6.9
Exploits 0

OSV
added 2022/05/04 3:15 p.m. · 1 views

CVE-2022-29950

Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed...

CVSS 4.3 · AI score 5.8
Exploits 0 · References 2

Prion
added 2022/05/04 3:15 p.m. · 13 views

Code injection

DISPUTED Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed...

CVSS 4 · AI score 4.5 · EPSS 0.00167
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2022/05/04 2:23 p.m. · 11 views

CVE-2022-29950

Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed...

AI score 4.7 · EPSS 0.00167
Exploits 1 · References 2

Positive Technologies
added 2022/05/04 12:0 a.m. · 2 views

PT-2022-19930 · Experian · Experian Hunter

Name of the Vulnerable Software and Affected Versions: Experian Hunter version 1.16 Description: The issue allows remote authenticated users to modify assumed-immutable elements. This can be achieved via the rule name parameter to the "Rules page" or the subrule name or categories name parameter ...

CVSS 4.3 · AI score 6.7 · EPSS 0.00167
Exploits 1 · References 7

Trellix
added 2022/04/06 12:0 a.m. · 37 views

The Bug Report - March 2022 Edition

The Bug Report - March 2022 By Charles McFarland · April 6, 2022 Your Cybersecurity Comic Relief Comic from https://geek-and-poke.com/ and remains unedited. https://creativecommons.org/licenses/by/3.0/ Use of this comic does not indicate endorsement by the creator. Why am I here? Welcome back the...

CVSS 10 · AI score 8.9 · EPSS 0.94398
Exploits 110

Code423n4
added 2022/03/31 12:0 a.m. · 9 views

Denial of services in proxy context by setting immutable privileged addresses in constructor in upgradeable contracts

Lines of code Vulnerability details Impact Privileged immutable addresses in LenderPool such as POOLEDCREDITLINE, SAVINGSACCOUNT and VERIFICATION are set in the constructor in the logic contract. These values are run at the time of deployment and affect only the local storage of the logic contrac...

AI score 6.5
Exploits 0

0day.today
added 2022/03/08 12:0 a.m. · 497 views

Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe) Exploit

// Exploit Title: Linux Kernel 5.8 Proof-of-concept exploit for the Dirty Pipe vulnerability CVE-2022-0847 caused by an uninitialized "pipebuffer.flags" variable. It demonstrates how to overwrite any file contents in the page cache, even if the file is not permitted to be written, immutable or on...

CVSS 7.8 · AI score 8.5 · EPSS 0.81981
Exploits 100

OSV
added 2022/02/28 12:0 p.m. · 56 views

RUSTSEC-2022-0011 Miscomputation when performing AES encryption in rust-crypto

The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...

AI score 7.3
Exploits 0 · References 2

Fedora
added 2022/02/20 1:12 a.m. · 27 views

[SECURITY] Fedora 35 Update: snapd-2.54.3-1.fc35

Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages...

CVSS 8.8 · AI score 2.9 · EPSS 0.01065
Exploits 5