9138 matches found
Code written in MulticallRootRouter.sol is wrong.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps 0x01 |...
CoreRootRouter.executeDepositSingle FUNCTION REVERTS FOR SINGLE ASSETS DEPOSITS THUS FAILING THE TRANSACTION
Lines of code Vulnerability details Impact The RootBridgeAgent.lzReceiveNonBlocking function calls the respective RootBridgeAgentExecutor functions based on the flag parsed via the payload[0]. The payload[0] == 0x02 stands for the Call with Deposit remote call. The...
Ubuntu: Security Advisory (USN-6396-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
USN-6396-2 linux-kvm vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Daniel Moghimi discovered that some Intel(R) Processors...
Default credentials
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user...
Privilege escalation
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe...
CVE-2023-26239
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user...
USN-6417-1: Linux kernel vulnerabilities
It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. CVE-2021-4001 It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash...
[SECURITY] Fedora 38 Update: golang-github-envoyproxy-control-plane-0.11.1-1.fc38
Go implementation of data-plane-api...
Zod denial of service vulnerability during email validation
Impact API servers running express-zod-api having: - version of express-zod-api below 10.0.0-beta1, - and using the following or similar validation schema in its implementation: z.string().email(), are vulnerable to a DoS attack due to: - Inefficient Regular Expression Complexity in zod versions up t...
[SECURITY] Fedora 37 Update: openmpi-4.1.4-6.fc37
Open MPI is an open source, freely available implementation of both the MPI-1 and MPI-2 standards, combining technologies and resources from several other projects (FT-MPI, LA-MPI, LAM/MPI, and PACX-MPI) in order to build the best MPI library available. A completely new MPI-2 compliant...
(0Day) D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi executable. The issue results from an incorrect...
CVE-2023-4097
CVE-2023-4097 affects IDM Sistemas QSige. The issue is a file upload vulnerability where the upload function accepts any file type due to improper implementation, requiring an authenticated user. Impact is reported as high (C/H/I/A) with CVSS v3.1 base score 8.8. Documented details do not specify...
Fedora 37 : firecracker / rust-aes-gcm (2023-bc40c7995e)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-bc40c7995e advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...
MGASA-2023-0273 Updated quictls packages fix security vulnerabilities
The updated packages fix security vulnerabilities: AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...
Updated quictls packages fix security vulnerabilities
The updated packages fix security vulnerabilities: AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...
Updated java packages fix security vulnerabilities
The updated packages fix security vulnerabilities and a file conflict: Improper connection handling during TLS handshake. CVE-2023-21930 Incorrect enqueue of references in garbage collector. CVE-2023-21954 Certificate validation issue in TLS session negotiation. CVE-2023-21967 Swing HTML parsing...
Unlocking Seamless API Security: Revenera’s Journey with Wallarm
In today's digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled with challenges and choices. In this blog post, we'll dive into the experience of Rob Davies, VP of Engineering and Lead Architect at...
Zero amount withdrawals of SafEth or Votium will brick the withdraw process
Lines of code Vulnerability details Summary Withdrawals of amount zero from both SafEth and VotiumStrategy have issues downstream that will cause the transaction to revert, potentially bricking withdrawals from being executed. Impact Withdrawals in AfEth undergo a process to account for any...