EUVD-2022-27626
Malicious code in bioql PyPI...
Towards Effective Identification of Attack Techniques in Cyber Threat Intelligence Reports Using Large Language Models
This work evaluates the performance of Cyber Threat Intelligence (CTI) extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising state-of-the-art tools, including the Threat Report ATT&CK...
Starfish: Rebalancing Multi-Party Off-Chain Payment Channels
Blockchain technology has revolutionized the way transactions are executed, but scalability remains a major challenge. Payment Channel Network (PCN), as a Layer-2 scaling solution, has been proposed to address this issue. However, skewed payments can deplete the balance of one party within a channe...
Security Bulletin: IBM QRadar SIEM is vulnerable to possible information disclosure (CVE-2022-22480)
Summary IBM QRadar SIEM is vulnerable to possible information disclosure due to data node rebalancing not functioning correctly. Vulnerability Details CVEID:CVE-2022-22480 DESCRIPTION: IBM QRadar SIEM data node rebalancing does not function correctly when using encrypted hosts which could result ...
How to Adjust the Bond Balance Interval in XenServer 6.x
XenServer 6.1.0 introduces a change to the NIC bonding load balancing algorithm for active-active bonds in the vSwitch network stack. In past releases, active-active bonds were set to rebalance load every 10 seconds. However, in XenServer 6.1.0 active-active bonds on the vSwitch rebalance load...
Insufficient Fund Guard for Treasury Reward Rebalancing Due to Unrestricted Withdrawals
Lines of code Vulnerability details Impact The potential issue identified in the Treasury.rebalanceTreasury involves the risk of failing to transfer treasury rewards from ETHFromServices to ETHOwned due to insufficient funds in ETHFromServices. This situation can arise when the withdrawToAccount...
_sendNative in tapiocaz::Balancer::rebalance() not sending ETH can break service
Lines of code Vulnerability details Impact function sendNative address payable oft, uint256 amount, uint16 dstChainId, uint256 slippage private if addressthis.balance amount revert ExceedsBalance; routerETH.swapETH dstChainId, oft, //refund abi.encodePackedconnectedOFTsoftdstChainId.dstOft, amoun...
Calculation during rebalancing can overflow
Lines of code Vulnerability details Proof of Concept Rebalancing logic in TalosBaseStrategy will start by the strategy manager calling TalosBaseStrategy.rebalance to swap imbalanced tokens. This function will call TalosStrategySimple.doRebalance Next, PoolActions.swapEqualAmounts will be called...
Attacker can disable basket during un-registration, which can cause an unnecessary trade in some cases
Lines of code Vulnerability details At the mitigation contest there was an issue regarding the basketHandler.quantity call at the unregistration process taking up all gas. As a mitigation to that issue the devs set aside some gas and use the remaining to do that call. This opens up to a new kind ...
Mitigation of M-07: Issue not mitigated
MITIGATION IS NOT CONFIRMED Mitigation of M-07: Issue not mitigated Link to Issue: code-423n4/2023-03-asymmetry-findings765 Comments While the principal issue for M-07 described a de-peg scenario, which eventually was interpreted as a "black swan" event, I do think the...
Rebalance logic is wrong and this distorts the pool's important states
Lines of code Vulnerability details Impact The important states including long0Balance, long1Balance, long1FeeGrowth, long1ProtocolFees are wrongly calculated and it breaks the pool's invariant. Proof of Concept The protocol provides a rebalancing functionality and the main logic is implemented i...
CVE-2022-22480
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...
CVE-2022-22480
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...
Information disclosure
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...
CVE-2022-22480
IBM QRadar SIEM is vulnerable to information disclosure caused by data node rebalancing not functioning correctly when encrypted hosts are used. Affected versions: QRadar 7.4.0–7.4.3 Fix Pack 6 and 7.5.0–7.5.0 Update Pack 2. Remediation: upgrade to QRadar 7.4.3 Fix Pack 7 and QRadar 7.5.0 Update ...
CVE-2022-22480
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...
PT-2022-15460 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.4 through 7.5 Description: The issue is related to data node rebalancing in IBM QRadar SIEM when using encrypted hosts, which does not function correctly and could result in information disclosure. Recommendations:...
IBM QRadar SIEM Security Vulnerability
IBM QRadar SIEM is a solution from International Business Machines (IBM) that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
CVE-2022-22480
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...
Vault rebalancing can be exploited if two vaults rebalance into the same vault
Lines of code Vulnerability details Impact User funds stolen Proof of Concept Swap data is completely arbitrary and can be used to swap though malicious ERC20 tokens allowing control transfer. This control transfer would allow the attacker to call rebalance on a second vault and exploit both as...