1404 matches found
CVE-2022-44051
The d8s-stats package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43109
The d8s-stats package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43086
The d8s-stats package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-math package. The affected version of d8s-htm is 0.1.0...
Democritus Project Code Issue Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. Democritus Project d8s-stats version 0.1.0 contains a security vulnerability stemming from the presence of a potential code execution backdoor inserted by a third party in t...
PT-2022-37349 · Pypi · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-stats version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats package for python distributed on PyPI. Another affected package is democritus-math...
PT-2022-37372 · Pypi · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-stats version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats package for python distributed on PyPI. Another affected package is democritus-math...
PT-2022-27092 · D8S-Htm +2 · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 democritus-math affected versions not specified Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats for python distributed on PyPI. The democritus-math package also contains ...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2022-2710)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In filepath.Clean in path/filepath in Go before 1.17.11 and 1.18.x before 1.18.3 on Windows, invalid paths such as .\c: could be converted to...
RHEL 8 : git-lfs (RHSA-2022:7129)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7129 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
Moderate: git-lfs security and bug fix update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...
The arithmetic operator can overflow
Lines of code Vulnerability details Impact It is possible to cause an integer overflow or underflow in the arithmetic operation. Proof of Concept Contract: GraphProxyAdmin Function name: getProxyPendingImplementationaddress PC address: 1898 Estimated Gas Usage: 1387 - 36513 In file:...
The arithmetic operator can overflow
Lines of code Vulnerability details Impact It is possible to cause an integer overflow or underflow in the arithmetic operation. Description An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. For instance if a number is stored in the uint8...
Minting LP for a token pair that contains a fee on transfer token will cause partial loss of funds for other token in pair
Lines of code Vulnerability details Impact Partial loss of funds for other token in pair with fee on transfer token Proof of Concept AlgebraPool.solL458-L467 liquidityActual = liquidityDesired; if receivedAmount0 amount0 liquidityActual = uint128FullMath.mulDivuint256liquidityActual,...
genealogy.math.ndsu.nodak.edu Cross Site Scripting vulnerability OBB-2955486
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Remote Code Execution (RCE)
d8s-math is vulnerable to remote code execution. The vulnerability exists because the library does not properly handle the package upload mechanism, allowing an attacker to inject and execute malicious packages...