11 matches found
Payload 安全漏洞
Payload is a headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Versions of Payload prior to 3.74.0 have a security vulnerability. This vulnerability stems from an insecure direct object reference within the payload-preferences collection. In environments...
GHSA-4VCF-Q4XF-F48M Better Auth Passkey Plugin allows passkey deletion through IDOR
Summary Affected versions of the better-auth passkey plugin allow users with any valid session to delete arbitrary passkeys via their ID using POST /passkey/delete-passkey. Details ctx.body.id is implicitly trusted and used in passkey deletion queries. better-auth applications configured with...
EUVD-2024-54824
Malicious code in bioql PyPI...
CVE-2024-58265
The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...
CVE-2024-58265
The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...
This Week in Spring - November 19th, 2024
Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...
CVE-2024-44958 sched/smt: Fix unbalance sched_smt_present dec/inc
In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance schedsmtpresent dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jumplabel.c:263 statickeyslowtrydec+0x9d/0xb0 Call Trace:...
CVE-2023-29336
Win32k Elevation of Privilege Vulnerability Recent assessments: gwillcox-r7 at May 31, 2023 9:15pm UTC reported: Doing a patch diff between a Windows 10 1607 x86 version of win32kfull.sys prior to the patch and after the patch shows that only one function changed: xxxEnableMenuItem. Looking at th...
Inconsistent use of the for loop increment
Lines of code Vulnerability details Impact Inconsistant use of ++ operator. In OperatorRegistry.sol line numbers 84 and 114 the for loop variable i is incremented as ++i . But in ERC20PermitPermissionedMint.sol line number 84, the loop variable i is incremented as i++. Consider keeping the...
DoS: Attacker May Front-Run CoreFactory.createProject() With A _projectId Causing Future Transactions With The Same _projectId to Revert
Lines of code Vulnerability details Impact A projectId may only be used once in CoreFactory.createProject since the modifier onlyAvailableProject will revert if project.creator != 0. The result is an attacker may front-run any createProject transaction in the mem pool and create another...
Server: Enumeration of shared files in documents
Due to using the auto-incrementing fileid instead of the random generated token to access files in the documents app an authenticated users could enumerate shared files of other users. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...