21 matches found
CVE-2020-25821
peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Unchecked cToken mint in mint() risks imbalance, breaking 1:1 peg reserve backing.
Lines of code Vulnerability details Impact mint does not check return code from cToken.mint. If minting fails, contract could have imbalance between cTokens and minted asD tokens. Attacker mints asD but underlying cToken mint fails. Result is loss of 1:1 peg backing. Proof of Concept In the mint...
Unchecked redeemUnderlying failure allows burning asD without redeeming NOTE, breaking peg.
Lines of code Vulnerability details Impact The burn function does not validate the return code from redeemUnderlying. This means if redeeming fails, asD tokens could be burned without redeeming the underlying NOTE, breaking 1:1 peg. Attacker burns asD tokens and receives NOTE, but contract fails ...
peg-kl.de Improper Access Control vulnerability OBB-3778940
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Incorrect calculation of totalSupply(), balanceOf() in rUSDY.sol if the rate is unlinked from $1
Lines of code Vulnerability details Impact In rUSDY.sol, the functions totalSupply, balanceOf are calculated. totalSupply : function totalSupply public view returns uint256 return totalShares oracle.getPrice / 1e18 BPSDENOMINATOR; balanceOf : function balanceOfaddress account public view returns...
Custom redemption can be used to get more than RToken value, when an upwards depeg occurs
Lines of code Vulnerability details Custom redemption allows to redeem RToken in exchange of a mix of previous baskets as long as it's not more than the prorata share of the redeemer. The assumption is that previous baskets aren't worth more than the target value of the basket. However, a previou...
Mitigation of M-07: Issue not mitigated
MITIGATION IS NOT CONFIRMED Mitigation of M-07: Issue not mitigated Link to Issue: code-423n4/2023-03-asymmetry-findings765 Comments While the principal issue for M-07 described a de-peg scenario, which eventually was interpreted as a "black swan" event, I do think the...
UBUNTU-CVE-2020-23915
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence in peglib.h has a heap-based buffer over-read...
CVE-2020-23914
An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg::AstOptimizer::optimize located in peglib.h. It allows an attacker to cause Denial of Service...
cpp-peglib code issue vulnerability
cpp-peglib is an open source application by yhirose: a header-only PEG (Parsing Expression Grammar) library. A security vulnerability exists in cpp-peglib through v0.1.12, which stems from a null pointer dereference present in peg::AstOptimizer::optimize located in peglib.h. An attacker could...
PT-2021-10984 · Unknown +1 · Cpp-Peglib +1
Name of the Vulnerable Software and Affected Versions: cpp-peglib versions prior to 0.1.13 Description: An issue was discovered in the peg::resolve_escape_sequence function, located in peglib.h, which has a heap-based buffer over-read. Recommendations: For versions prior to 0.1.13, update to...
cpp-peglib buffer error vulnerability
cpp-peglib is an open source application by yhirose: a header-only PEG (Parsing Expression Grammar) library. A security vulnerability exists in cpp-peglib version v0.1.12 and earlier, which stems from peg::resolve_escape_sequence in peglib.h having a heap-based buffer over-read...
pegperego.co.kr Cross Site Scripting vulnerability OBB-1411166
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Pastego - Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)
Scrape/Parse Pastebin using GO and grammar expression PEG. Installation $ go get -u github.com/notdodo/pastego Usage Search keywords are case sensitive pastego -s "password,keygen,PASSWORD" You can use boolean operators to reduce false positive pastego -s "quake && earthquake, password && php ||...
CVE-2020-25821
peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Null pointer dereference
peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2020-25821
Peg-markdown 0.4.14 is affected by a NULL pointer dereference in process_raw_blocks within markdown_lib.c. Public descriptions repeatedly note that this vulnerability only impacts products that are no longer supported by the maintainer. The issue is documented across multiple feeds (NVD, Red Hat,...
CVE-2020-25821
peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Pastego - Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)
Scrape/Parse Pastebin using GO and grammar expression PEG. Installation $ go get -u github.com/edoz90/pastego Usage Search keywords are case sensitive pastego -s "password,keygen,PASSWORD" You can use boolean operators to reduce false positive pastego -s "quake && earthquake, password && php ||...
peg-peregoparts.com XSS vulnerability
Open Bug Bounty ID: OBB-249551
Description | Value
---|---
Affected Website: | peg-peregoparts.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...