18 matches found
EUVD-2019-17940
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-13350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runner...
CVE-2024-6621
The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wprssactivatefeedsource' and 'wprsspausefeedsource' functions in all versions up to, and including, 4.23.11...
Core functionality is not working due to revert in _verifyCreatorOrOwner()
Lines of code Vulnerability details Impact It is not possible to pause/unpause vaults and adaptors nor add staking reward tokens since the verifyCreatorOrOwner function reverts due to a logical error. Proof of Concept The following logic is used to determine if msg.sender is a creator or owner of...
Malicious pausing the contract
Lines of code Vulnerability details Vulnerability details Description There is a function createAuction in Auction contract. It consists of the following logic: /// @dev Creates an auction for the next token function createAuction private // Get the next token available for bidding try token.mint...
PT-2022-22006 · Crestron · Crestron Airmedia Windows Application
Name of the Vulnerable Software and Affected Versions: Crestron AirMedia Windows Application version 4.3.1.39 Description: An insufficient access control issue was found in the Crestron AirMedia Windows Application. This issue allows a user to pause the uninstallation of an executable, resulting ...
Pausing can cause serious bad debt since debt can't be liquidated.
Lines of code Vulnerability details Impact Pausing can cause serious bad debt since debt can't be liquidated. For example, if 1 UST is used as collateral to borrow 0.7 USDT 30% safety. Then UST crashed and chainlink stopped working. You are left with no choice but to pause the contract. After that UST...
All withdrawal functionality is paused when contract is paused
Lines of code Vulnerability details Impact When the strategy contract is paused, all withdrawal functionality will be paused. Based on the comments in MyStrategy.sol and baseStrategy.sol, withdrawToVault should not be affected by the pause functionality. This is not the case due to the...
CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
CVE-2020-9835
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 13.5 and iPadOS 13.5. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing...
Design/Logic Flaw
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 13.5 and iPadOS 13.5. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing...
CVE-2020-9835
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 13.5 and iPadOS 13.5. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing...
CVE-2020-9835
CVE-2020-9835 affects FaceTime in iOS/iPadOS; when a user exits the FaceTime app while the call is ringing, pausing the video may fail. Apple fixed this by improved logic in iOS 13.5 and iPadOS 13.5. The vulnerability is tied to the FaceTime component and is documented with the fix in Apple’s sec...
Design/Logic Flaw
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing...
CVE-2019-8550
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing...
CVE-2019-8550
CVE-2019-8550 concerns the FaceTime pausing behavior. According to the provided sources, an issue caused a user’s FaceTime video to fail to pause if they exited the FaceTime app while the call was ringing. The vulnerability is fixed by updated logic in the affected platforms: iOS 12.2, macOS Moja...
GitLab: [Admin Panel] CSRF to resume/pause runner
Hi, Just found a CSRF in admin panel of gitlab instance to pause/resume runner. Steps to reproduce - http://gitlabinstance/admin/runners/:runnerid/resume - http://gitlabinstance/admin/runners/:runnerid/pause Video: ███████ password: ██████████ Impact Just found a CSRF in admin panel of gitlab...
lifetype 1.2.11 CSRF Add User
Exploit for php platform in category web applications Exploit Title := lifetype 1.2.11 CSRF Add User Date := 05/april/2012 Author := khaled-Ham Software link :...