
6 matches found

Code423n4
added 2022/08/17 12:0 a.m., 7 views

Approved Borrower can walk away with collateral in leveraged borrowed Position

Lines of code. Vulnerability details. Impact: When an approved borrower calls leveragedPosition, their userBorrowShares and userCollateralBalance values are updated. The borrower will be able to walk away with collateral balance by adding more collateral to pass the isSolvent check and remove all the...

6.7 AI score
Exploits 0
Code423n4
added 2022/08/17 12:0 a.m., 11 views

Not calling approve(0) before setting a new approval might cause reverts when used with Tether (USDT)

Lines of code. Vulnerability details. Impact: Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's approve function will revert if the current approval is not zero, to protect against front-running changes o...

7 AI score
Exploits 0
Zero Day Initiative
added 2019/07/05 12:0 a.m., 19 views

Foxit PhantomPDF addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField...

7.8 CVSS, 2.8 AI score, 0.00606 EPSS
Exploits 0, References 1
Prion
added 2010/03/25 5:30 p.m., 12 views

Remote file inclusion

PHP remote file inclusion vulnerability in cgi/index.php in AdvertisementManager 3.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the req parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences...

7.5 CVSS, 7.9 AI score, 0.03683 EPSS
Exploits 1, References 2, Affected Software 1
Prion
added 2007/11/05 6:46 p.m., 8 views

Cross site scripting

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks...

4.3 CVSS, 6.2 AI score, 0.00649 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2007/03/03 7:0 p.m., 25 views

CVE-2005-4831

viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) "text/html", or (2) "image/jpeg" with an image that is rendered as HTML ...

5.5 AI score, 0.00463 EPSS
Exploits 1, References 4