Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...

CVE-2025-0980

Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials...

CVE-2025-0980

Nokia SR Linux contains an authentication bypass in its JSON-RPC service. The vulnerability arises from invalid validation that allows access to JSON-RPC without valid credentials, enabling unauthorized access locally. Affected product: Nokia SR Linux (JSON-RPC interface); underlying issue: flawe...

Online Hotel Reservation System Arbitrary File Upload Vulnerability

Online Hotel Reservation System is an online hotel reservation system. Online Hotel Reservation System has an arbitrary file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /admin/addexec.php. No details of the vulnerability a...

CVE-2022-3346

DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. The owner name of RRSIG RRs is not validated, permitting an attacker to present the RRSIG for an attacker-controlled domain in a response for...

CVE-2017-7151

A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4...

PT-2024-39884 · WordPress · Enable Shortcodes Inside Widgets

Name of the Vulnerable Software and Affected Versions: The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress version 1.0.0 and earlier Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the software not properly validating a val...

CVE-2024-1728 Local File Inclusion in gradio-app/gradio

gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in t...

Attacker can cause deposits to be locked in the Solana lockbox

Lines of code Vulnerability details Impact An attacker can cause deposits to be locked in the lockbox Proof of Concept In withdraw, if the position has 0 liquidity the execution is reverted function withdrawuint64 amount external address positionAddress =...

Signature Verification for voteForManyWithSig Function

Lines of code Vulnerability details Potential Risk: The voteForManyWithSig function in the CultureIndex contract allows users to vote on multiple pieceIds using a provided signature. While it attempts to verify the signature, there are some potential risks associated with signature verification...

Signature Verification for batchVoteForManyWithSig Function

Lines of code Vulnerability details Potential Risk: The batchVoteForManyWithSig function in the CultureIndex contract allows multiple users to execute a batch of votes using provided signatures. While it attempts to verify the signatures, there are potential risks associated with signature...

CurveTricryptAdapter::primitiveOutputAmount & Curve2PoolAdapter::primitiveOutputAmount can swap without slippage tolerance

Lines of code Vulnerability details Impact While there is a “Slippage protection” implementation in the contract if uint256minimumOutputAmount outputAmount revert SLIPPAGELIMITEXCEEDED; There is no validation that minimumOutputAmount is not set to 0. This can result in lost of funds. Although Oce...

improper validations result in loss of funds.

Lines of code Vulnerability details Impact due the improper validation on amount , the users can pass Amount as 0 the calculated fee will be 0 and safeTranferFrom will pass. function getNFTMintingPriceuint256 id, uint256 amount public view returns uint256 fee address bondingCurve =...

Signature malleability can occur by using EVM's ecrecover

Lines of code Vulnerability details Impact EVM's ecrecover is susceptible to signature malleability which allows replay attacks, check this. Proof of Concept OffChainSignatureValidator in its function isValidSignature checks for signature validity by using vulnerable method of ecrecover. address...

After market expires, user can still repay / deposit, but fund are lost

Lines of code Vulnerability details Impact After market expires, user can still repay / deposit, but fund are lost Proof of Concept In OmniToken.sol or OmniTokenNoBorrow.sol user can deposit any time If user borrows token, user can repay from OmniPool.sol any time but the problem is that, after a...

Sanction Bypass Through Depositing to Authorized Borrower's Market

Lines of code Vulnerability details Impact Wildcat protocol provides lending with lender backed collateral considered as reserves and the ratio must be upheld by the borrower. The protocol team has taken certain steps to prevent interaction with sanctioned users. However, sanction status is only...

sellCVX(0) reverts

Lines of code Vulnerability details Impact A withdrawal cannot be finalised if requested at a time when AfEth had only safEth, and that owed share of safEth is permanently lost. Proof of Concept It is possible that AfEth holds at most dust amounts of vAfEth if ratio = 100 %. The amounts of vAfEth...

An attacker can use the flashloan function with an invalid collateral asset

Lines of code Vulnerability details Impact Function flashloan - allows delegate token owner or approved operator to borrow their underlying tokens for the duration of a single atomic transaction. The function uses Structs.FlashInfo calldata info as an input parameter. Failure to call...

Incorrect Handling of Empty rights Parameter in delegateAll Function

Lines of code Vulnerability details Description The delegateAll function does not correctly handle the case where the rights parameter is empty. In this case, the function will attempt to write an empty string to the Storage.POSITIONSRIGHTS storage location. This behavior could lead to unexpected...

Potential Out-of-Bounds Error When Modifying Ranges

Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...