CVE-2021-24911 Transposh WordPress Translation < 1.0.8 - Stored Cross-Site Scripting

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tptranslation AJAX action, leading to Stored Cross-Site Scripting, which will trigger in the admin dashboard of the plugin. The minimum role needed to perform such attack...

Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Put the following payload in the "Currency Symbol" settings of the plugin and save: " Other settings...

Securing Open-Source Software

Good essay arguing that open-source software is a critical national-security asset and needs to be treated as such: Open source is at least as important to the economy, public services, and national security as proprietary code, but it lacks the same standards and safeguards. It bears the qualiti...

@toggled-apps/react-native-collapsible-scroll (>=1.0.0 <=1.0.2), @toggled-apps/react-native-product-carousel (=1.0.3) +9 more potentially affected by CVE-2022-24373 via react-native-reanimated (>=2.0.0-rc.0 <=2.0.1)

react-native-reanimated NPM version =2.0.0-rc.0, =1.0.0, =1.0.0, =41.0.0, =41.0.0, =1.0.0, =1.1.0, =1.1.2 - ui-ux =0.0.1 Source cves: CVE-2022-24373 Source advisory: SNYK:JS-REACTNATIVEREANIMATED-2949507...

Malicious code in minimum-flow-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 011d620beda8692dd780e1c593c87bc37c1b888ff9e017f9cfbb969f86469a52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4603 Malicious code in minimum-flow-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 011d620beda8692dd780e1c593c87bc37c1b888ff9e017f9cfbb969f86469a52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

_harvest rewards can be stolen because it doesn't implement any slippage bounds

Lines of code Vulnerability details Impact Harvested funds stolen Proof of Concept harvest does not implement any kind of minimum out when calling the 3 consecutive swaps L249, L263 and L275 to get from auraBal to Aura. An attacker could easily sandwich the least liquid pool and steal all the...

Low Value Definition On The Slippage

Lines of code Vulnerability details Impact Trades can happen at a bad price and lead to receiving fewer tokens than at a fair market price. The attacker's profit is the protocol's loss. Proof of Concept MyStrategy contract has low slippage checks which can lead to being vulnerable to sandwich...

PT-2022-19444 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.raw ops.QuantizeAndDequantizeV4Grad does not fully validate the...

0 quantity orders are allowed

Description In the case of commodity purchases, the quantity is 0. Orders should not be allowed to be created, consuming meaningless resource behavior, and the order quantity should always be =1 Proof of Concept...

If the funding discount is set to 0 in Funding.sol, getAmountOut() will return always 0, no matter the amount of asset in.

Lines of code Vulnerability details Impact If a user doesn't set a minimum set to 0 of citadel expected in function deposit, can receive 0 tokens in exchange, no matter the amount of asset he's depositing. Proof of Concept The funding contract is used to trade citadel token with another asset. A...

New YVault depositors can be attacked by depressing share decimals

Lines of code Vulnerability details Impact An attacker can become the first depositor for a recently created YVault contract, providing a tiny amount of token by calling deposit1 raw values here, 1 is 1 wei, 1e18 is 1 token if it is 18 decimals. Then the attacker can directly transfer, for exampl...

Can steal yVault deposits due to bad initial shares calculation

Lines of code Vulnerability details Impact The yVault.deposit function mints initial shares equal to the deposited amount. The deposit / withdraw functions also use the balance, which includes the contract balance token.balanceOfaddressthis, to compute the shares. It's possible to increase the...

GHSA-GV26-JPJ9-C8GQ Incomplete validation in `SparseSparseMinimum`

Impact Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data: python import tensorflow as tf aindices = tf.ones45, 92, dtype=tf.int64 avalues = tf.ones45, dtype=tf.int64...

denial fo service

Lines of code Vulnerability details processWithdrawals can process limited amount in each call. an attacker can push to withdrawals enormous amount of withdrawals with amount = 0. in order to stop the dos attack and process the withdrawal, the governance needs to spend as much gas as the attacker...

PT-2022-7627 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the ASoC component in the Linux kernel, specifically with the function snd soc put volsw. The problem arises because the limits of the control can be signed...

Basis points constant BPS_MAX is used as minimal fee amount requirement

Lines of code Vulnerability details Impact Base fee modules require minimum fixed fee amount to be at least BPSMAX, which is hard coded to be 10000. This turns out to be a functionality restricting requirement for some currencies. For example, WBTC , 10 in ERC20 token rankings, has decimals of 8...

[WP-H12] forceUnsponsor() may open a window for attackers to manipulate the _totalShares and freeze users' funds at a certain deposit amount

Handle WatchPug Vulnerability details if force && sponsorAmount totalUnderlying sponsorToTransfer = totalUnderlying; else if !force require sponsorToTransfer totalUnderlying, the contract will transfer totalUnderlying to sponsorToTransfer, even if there are other depositors and totalShares 0. Aft...

Missing slippage/min-return check in the curve Pool

Handle defsec Vulnerability details Impact Trades can happen at a bad price and lead to receiving fewer tokens than at a fair market price. The attacker's profit is the protocol's loss. Proof of Concept The NonUSTStrategy contract is missing slippage checks which can lead to being vulnerable to...

Lack of slippage checks during swap

Handle ye0lde Vulnerability details Impact Since the code does not use a minimum return value for swaps it is susceptible to sandwich attacks. More information here: Proof of Concept Here the code Calls Curve to convert the existing underlying balance into UST: / Calls Curve to convert the existi...