7 matches found

CNNVD
added 2024/12/30 12:0 a.m. | 1 views

iXsystems TrueNAS CORE Security Vulnerability

iXsystems TrueNAS CORE is an open source storage software from iXsystems. A security vulnerability exists in iXsystems TrueNAS CORE version 13.3-RELEASE, which stems from the use of an insecure protocol for transferring update files when processing firmware updates, which could result in the...

CVSS 6.5 | AI score 4.1 | EPSS 0.00045
Exploits 0 | References 3
BDU FSTEC
added 2024/04/02 12:0 a.m. | 1 views

The vulnerability of the PowerScale OneFS operating system, related to the transfer of data in an open manner, allows a hacker to increase their privileges.

The vulnerability of the PowerScale OneFS operating system is related to the transfer of data in an open manner. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.3 | AI score 5.5 | EPSS 0.0004
Exploits 0 | References 3 | Affected Software 1
Code423n4
added 2023/09/14 12:0 a.m. | 5 views

https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L467-L480

Lines of code. Vulnerability details. Impact: In this function InvestmentManager.deposit, the require statement calls the lPool.transferFrom function with an arbitrary from address. This means that the attacker can control who the tokens are transferred from. Proof of Concept. Tools Used: manual revie...

AI score 6.9
Exploits 0
Code423n4
added 2022/07/08 12:0 a.m. | 11 views

Usage of insecure transfer/transferFrom

Lines of code. Vulnerability details. Proof of Concept: This is a well known issue, the protocol uses at many parts the insecure transfer/safeTransfer for generic ERC20 tokens. Recommended Mitigation Steps: Use OZ Safe Transfer

AI score 6.9
Exploits 0
Code423n4
added 2022/06/18 12:0 a.m. | 6 views

Upgraded Q -> M from 153 [1655579808802]

Judge has assessed an item in Issue 153 as Medium risk. The relevant finding follows: L03 call{value: amt}("") should be used instead of send. In ForgottenRunesWarriorsGuild.withdrawAll. transfer and send should be avoided because they take a hard dependency on gas costs by forwarding a fixed amount of...

AI score 6.8
Exploits 0
CNNVD
added 2022/06/16 12:0 a.m. | 0 views

AutomationDirect C-more EA9 HMI Cross-Site Scripting Vulnerability

The AutomationDirect C-more EA9 HMI is a series of touchscreen panels from AutomationDirect, Inc. A cross-site scripting vulnerability exists in the AutomationDirect C-more EA9 HMI, which arises from the use of an insecure mechanism to transfer credentials from the client to the web server, which...

CVSS 7.5 | AI score 7 | EPSS 0.00116
Exploits 0 | References 4
Hacker One
added 2014/04/22 11:43 a.m. | 187 views

Cloudflare: Cookie missing the Secure flag

Cookie cfduid missing the Secure flag. Summary: The Secure flag was missing on the cookie: This may allow the cookie to be transferred over an insecure channel. The cookies are cfduid cfeffload cfeffload...

AI score 6.9
Exploits 0