
7 matches found

OSV
added 2025/05/06 4:44 p.m., 1 view

GHSA-M2XR-2VJ4-WH94 tanton_engine has unsound public API

The following functions in the tanton_engine crate are unsound due to lack of sufficient boundary checks in public API: Stack::offset, ThreadStack::get, RootMoveList::insertscoredepth, RootMoveList::insertscore. The tanton_engine crate is no longer maintained, so there are no plans to fix this...

AI score: 7
Exploits: 0, References: 1

OSV
added 2023/12/12 7:15 a.m., 1 view

CVE-2023-41114

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains the functions geturlastext and geturlasbytea that are publicly executable, thus permitting an authenticated us...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00084
Exploits: 0, References: 1

Code423n4
added 2023/10/06 12:0 a.m., 7 views

Functions can be called directly externally

Lines of code Vulnerability details Impact @dev This exists as a standalone contract but will only ever contain proxy code, not state. As such it should never be called directly or externally, and should only be invoked with DELEGATECALL so that it operates on the contract state within the primar...

AI score: 7
Exploits: 0

Code423n4
added 2022/11/13 12:0 a.m., 10 views

internalCall modifier can be circumvented with execute / bulkExecute

Lines of code Vulnerability details Impact The internalCall modifier ensures that public functions can only be called from another public function and not directly. It is implemented like that: modifier internalCall requireisInternal, "This function should not be called directly"; ; The modifier...

AI score: 7.2
Exploits: 0

Code423n4
added 2022/01/27 12:0 a.m., 6 views

Check transferFrom is from msg.sender

Handle mics Vulnerability details The following functions are taking money from a user but not necessary on its control. If a user sets more allowance than they have to, for example if they want to those functions many times and don't want to call approve again, then their funds can be stolen by...

AI score: 6.8
Exploits: 0

Code423n4
added 2021/05/29 12:0 a.m., 11 views

auth only works well with external functions

Handle gpersoon Vulnerability details Impact The auth modifier of AccessControl.sol doesn't work as you would expect. It checks if you are authorized for "msg.sig", however msg.sig is the signature of the first function you have called, not of the current function. So if you call function A, whic...

AI score: 7
Exploits: 0

Tenable Nessus
added 2019/11/20 12:0 a.m., 53 views

OracleVM 3.4 : xen (OVMSA-2019-0054)

The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=a3ec6768f487946b7316364bc9bd17ce4d752af5 - BUILDINFO: QEMU upstream...

CVSS: 6.5, AI score: 6.7, EPSS: 0.00262
Exploits: 0, References: 2