29 matches found
CVE-2023-51200
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability...
Vote power can be manipulated to propose and/or pass needed proposals
Lines of code Vulnerability details Impact The PartyGovernance contract is susceptible to vote manipulation, as an attacker could potentially acquire a substantial loan, even without collateral, within a single block before submitting a proposal. The voting process solely considers this particula...
SUSE CVE-2009-4124
Heap-based buffer overflow in the rbstrjustify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving 1 Stringljust, 2 Stringcenter, or 3 Stringrjust. NOTE: some of these details are obtained from third...
The cost of data security – it’s not just about the numbers
Organizations striving to improve their security posture often find this a multi-faceted challenge. In addition to the security product evaluation itself, security budgets are tight and justification is a necessary step. Financial language, however, is not everyone’s forte - and fiscal presentati...
U.S. Dept Of Defense: Access to requests and approvals via /█████ allows sensitive information gathering
Summary: An adversary is able to view/modify requests and approvals via ████████/████████. Step-by-step Reproduction Instructions 1. Browse to █████ and create an account or sign in. 2. Browse to ███████/██████████. You can now view current/past requests. 3. Clicking on these requests seems to...
Ghost hardware. Device No.1, the Ghost Pro
Colloquially known as a “Ghost Pro” this full spectrum camera is supposed to allow you to see beyond the visible spectrum, into the infrared and ultraviolet ranges. This one has Wi-Fi as well, for ease of remote control. There’s a few questions we wanted to answer with this one. Who’s the camera...
UBUNTU-CVE-2014-1536
The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via unspecified vectors...
[SECURITY] Fedora 12 Update: html2ps-1.0-0.4.b5.fc12
An HTML to PostScript converter written in Perl. Many possibilities to control the appearance. Support for processing multiple documents. A table of contents can be generated. Configurable page headers/footers. Automatic hyphenation and text justification can be selected...
[SECURITY] Fedora 11 Update: html2ps-1.0-0.3.b5.fc11
An HTML to PostScript converter written in Perl. Many possibilities to control the appearance. Support for processing multiple documents. A table of contents can be generated. Configurable page headers/footers. Automatic hyphenation and text justification can be selected...