
1013 matches found

Cvelist
added 2023/07/11 9:7 a.m. | 22 views

CVE-2023-36748

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

CVSS 5.9 | AI score 6.4 | EPSS 0.00065
Exploits: 0 | References: 1
OSV
added 2023/06/22 8:0 p.m. | 0 views

GHSA-WHJ9-M24X-QHHP FastAsyncWorldEdit vulnerable to Uncontrolled Resource Consumption

Coordinated Disclosure Timeline - 10.06.2023: Issue reported to IntellectualSites - 11.06.2023: Issue is acknowledged - 12.06.2023: Issue has been fixed - 22.06.2023: Advisory has been published Impacted version range Before 2.6.3 Details Proof of Concept As a user, do the following: 1. Select...

CVSS 6.2 | AI score 6.1 | EPSS 0.00287
Exploits: 0 | References: 5
Positive Technologies
added 2023/06/14 12:0 a.m. | 3 views

PT-2023-35871 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter.insertComments function. It involves the java.base/java.util.Objects.equals and com.github.javaparser.Position.equals...

AI score 6.9
Exploits: 0 | References: 2
BDU FSTEC
added 2023/05/17 12:0 a.m. | 2 views

The vulnerability of the Linux operating system’s IPv6 RPL kernel implementation allows an attacker to cause a service failure.

The vulnerability of the IPv6 RPL implementation in Linux operating systems is related to incorrect calculation of the packet header size in the function ipv6_rpl_segdata_pos in the net/ipv6/rpl.c module. Exploiting this vulnerability could allow a remote attacker to cause service failures...

CVSS 7.8 | AI score 6.6 | EPSS 0.02125
Exploits: 0 | References: 17 | Affected Software: 7
NVD
added 2023/05/16 7:15 p.m. | 15 views

CVE-2023-30510

A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possib...

CVSS 4.3 | AI score 4.4 | EPSS 0.00127
Exploits: 0 | References: 1
Prion
added 2023/05/16 7:15 p.m. | 12 views

Authentication flaw

A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possib...

CVSS 4 | AI score 4.6 | EPSS 0.00127
Exploits: 0 | References: 1 | Affected Software: 1
Code423n4
added 2023/05/15 12:0 a.m. | 11 views

totalBorrows is not deducted properly when Comptroller#healAccount is called

Lines of code Vulnerability details Impact TotalBorrowed in VToken is not accounted properly when healAccount is called. Proof of Concept Comptroller#healAccount intends to forgive the debt of the account if the debt goes far too underwater. When that happens, the collateral is seized, some of the...

AI score 6.7
Exploits: 0
UbuntuCve
added 2023/05/10 12:0 a.m. | 21 views

CVE-2023-32212

An attacker could have positioned a datalist element to obscure the address bar. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

CVSS 4.3 | AI score 6.6 | EPSS 0.00207
Exploits: 0 | References: 5
NVD
added 2023/05/08 8:15 p.m. | 12 views

CVE-2023-28180

A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service...

CVSS 6.5 | AI score 5.5 | EPSS 0.00413
Exploits: 0 | References: 2
NVD
added 2023/05/08 8:15 p.m. | 10 views

CVE-2023-28182

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with...

CVSS 6.5 | AI score 5.1 | EPSS 0.00279
Exploits: 0 | References: 5
Prion
added 2023/05/08 8:15 p.m. | 15 views

Denial of service

A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service...

CVSS 4 | AI score 5.5 | EPSS 0.00413
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2023/05/08 12:0 a.m. | 14 views

CVE-2023-28180

A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service...

AI score 6.2 | EPSS 0.00413
Exploits: 0 | References: 1
Code423n4
added 2023/04/19 12:0 a.m. | 12 views

Lack of validation in opening positions parameters can lead to critical vulnerabilities at protocol level

Lines of code Vulnerability details Suspicious positions may be denied by voters if they don't seem legit, but over time it is very possible that one of them lands in the protocol, which can involve serious risks. Some attributes may not seem harmful with certain values at first sight, and can le...

AI score 6.7
Exploits: 0
Code423n4
added 2023/04/19 12:0 a.m. | 10 views

POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES

Lines of code Vulnerability details Impact A newly opened position could have its limit fully reduced to zero as soon as the cooldown period has elapsed. Proof of Concept As seen in the function below, a newly opened position with 0 Frankencoin minted could have its limit turn 0 if the function...

AI score 6.7
Exploits: 0
Code423n4
added 2023/04/19 12:0 a.m. | 7 views

[H-06] Double-entrypoint collateral token allows position owner to withdraw underlying collateral without repaying ZCHF

Lines of code Vulnerability details Impact Position::withdraw is intended to allow the position owner to withdraw any ERC20 token which might have ended up at position address. If the collateral address is passed as argument then Position::withdrawCollateral is called to perform the necessary...

AI score 6.6
Exploits: 0
Code423n4
added 2023/04/19 12:0 a.m. | 7 views

Challenger incentives can be inflated with external transfers

Lines of code Vulnerability details Impact The function notifyChallengeSucceeded calculates the volume of ZCHF to be repaid, which is then used to calculate the reward for the challenger. The challenger can however artificially inflate this value. A challenger can start a challenge on an...

AI score 6.6
Exploits: 0
Code423n4
added 2023/04/19 12:0 a.m. | 7 views

Challenges can be frontrun with de-leveraging to cause losses for challengers

Lines of code Vulnerability details Impact Challenges, once created, cannot be closed. Thus once a challenge is created, the challenger has already transferred in a collateral amount and is thus open for losing their collateral to a bidding war which will most likely close below market price, sin...

AI score 6.7
Exploits: 0
Code423n4
added 2023/04/19 12:0 a.m. | 5 views

Sound adjusting of a position could fail

Lines of code Vulnerability details Impact Increasing collateral and decreasing its liquidation price, such that with new liquidation price and old collateral position is becoming unsound, leads to a revert. Such situation can happen often, imagine position that's fully minted and has market pri...

AI score 6.7
Exploits: 0
UbuntuCve
added 2023/04/12 4:15 p.m. | 23 views

CVE-2023-29581

yasm 1.3.0.55.g101bc has a segmentation violation in the function deleteToken at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to ...

CVSS 5.5 | AI score 6.1 | EPSS 0.00157
Exploits: 1 | References: 3
OSV
added 2023/04/02 9:15 a.m. | 2 views

CVE-2023-1796

A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=saveposition of the component Create News Handler. The manipulation of the argument name with the input alertdocument.cookie...

CVSS 5.4 | AI score 3.8 | EPSS 0.00342
Exploits: 1 | References: 3