5 matches found
PYSEC-2024-206
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when rawlog builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in...
CVE-2024-32645 vyper performs incorrect topic logging in raw_log
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when rawlog builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in...
PT-2024-24738 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions 0.3.10 and prior Description: The issue arises when the raw log builtin is called with memory or storage arguments to be used as topics, resulting in incorrect values being logged. This is due to the build IR function of the...
Command injection
Multiple command injection vulnerabilities exist in the webserver ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The...
AWStats 5.0 6.3 - logfile File Inclusion Command Execution
AWStats 5.0 6.3 - logfile File Inclusion Command Execution Example: http://target/awstats.pl?filterrawlog=&rawlogmaxlines=5000&config=stats.jdims.info&framename=main&pluginmode=rawlog&log file=/etc/passwd...