Lucene search
+L

356 matches found

Code423n4
Code423n4
added 2023/11/09 12:0 a.m.6 views

Upgraded Q -> 2 from #571 [1699543659773]

Judge has assessed an item in Issue 571 as 2 risk. The relevant finding follows: L-01 Internal accounting won’t work for rebase & elastic tokens --- The text was updated successfully, but these errors were encountered: All reactions...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/10/26 12:0 a.m.24 views

Incompatibility with Rebase tokens

Lines of code Vulnerability details Impact Borrowers can choose whatever token they want to be the underlying token for a market. The problem comes when those tokens are Rebasing tokens such as Ampleforth. The balances of those tokens are changed rebased by a certain algorithm depending on the...

7.1AI score
Exploits0
Oracle linux
Oracle linux
added 2023/10/20 12:0 a.m.52 views

18 security update

nodejs 1:18.18.2-2 - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging 2021.06-4 - NPM bundler: also find namespaced bundled dependencies 2021.06-3 - Rebuilt for...

5CVSS8.3AI score0.99999EPSS
Exploits21
Oracle linux
Oracle linux
added 2023/10/18 12:0 a.m.40 views

galera and mariadb security update

galera 26.4.14-1.0.1 - Rebase to 26.4.14 26.4.13-1.0.1 - Rebase to 26.4.13 26.4.12-1.0.1 - Rebase to 26.4.12 mariadb 3:10.5.22-1 - Rebase to 10.5.22 3:10.5.21-1 - Rebase to version 10.5.21 3:10.5.20-2 - Use fortifylevel to disable fortification in debug builds 3:10.5.20-1 - Rebase to version...

7.5CVSS7.7AI score0.02097EPSS
Exploits5
Oracle linux
Oracle linux
added 2023/10/13 12:0 a.m.52 views

mariadb:10.5 security update

galera 26.4.14-1 - Rebase to 26.4.14 26.4.13-1 - Rebase to 26.4.13 26.4.12-1 - Rebase to 26.4.12 Judy mariadb 3:10.5.22-1 - Rebase to 10.5.22 3:10.5.21-1 - Rebase to version 10.5.21 3:10.5.20-2 - Use fortifylevel to disable fortification in debug builds 3:10.5.20-1 - Rebase to version 10.5.20...

7.5CVSS7.7AI score0.02097EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2023/10/09 10:29 a.m.46 views

Important: Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.8AI score0.03906EPSS
Exploits5References16
Oracle linux
Oracle linux
added 2023/10/05 12:0 a.m.52 views

nodejs:18 security, bug fix, and enhancement update

nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228940 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build Related: rhbz2226726 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...

9.8CVSS9.7AI score0.02761EPSS
Exploits2
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.17 views

accrueTokens will revert if any rebase tokens are used

Lines of code Vulnerability details Impact In PrimeLiquidityProvider.sol:accrueTokens we get the current balance of the passed token. If the token is any rebase token AMPL, stETH, RMPL and the current balance has become lower than tokenAmountAccruedtoken, the function will revert. This will lead ...

6.7AI score
Exploits0
Oracle linux
Oracle linux
added 2023/09/21 12:0 a.m.50 views

mariadb:10.3 security, bug fix, and enhancement update

galera 25.3.37-1 - Rebase to 25.3.37 Judy 1.0.5-18.0.1 - Rebuild Orabug: 31667911 mariadb 3:10.3.39-1 - MariaDB 10.3.32 socat: E Failed to set SNI host '' SST failure - Rebase to 10.3.39 - CVEs fixed: CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084...

7.5CVSS7.6AI score0.52063EPSS
Exploits3
Code423n4
Code423n4
added 2023/09/07 12:0 a.m.11 views

Discrepancy in Token Allowance After Rebase Events

Lines of code Vulnerability details The function returns the number of tokens that spender is allowed to spend on behalf of owner. However, in the context of tokens with rebase mechanisms, the owner's balance can dynamically change without explicit transactions. The described behavior might lead ...

6.9AI score
Exploits0
Rockylinux
Rockylinux
added 2023/08/31 4:55 p.m.17 views

sos bug fix and enhancement update

An update is available for sos. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...

6.6AI score
Exploits0
Oracle linux
Oracle linux
added 2023/08/10 12:0 a.m.46 views

nodejs:18 security, bug fix, and enhancement update

nodejs 1:18.16.1-1 - Rebase to 18.16.1 Resolves: rhbz2188290 rhbz2166926 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222287 nodejs-nodemon nodejs-packaging 2021.06-4 - NPM bundler: also find...

7.5CVSS7.6AI score0.03906EPSS
Exploits1
Oracle linux
Oracle linux
added 2023/08/10 12:0 a.m.46 views

nodejs:16 security, bug fix, and enhancement update

nodejs 1:16.20.1-1 - Rebase to 16.20.1 Resolves: rhbz2188289 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222288 nodejs-nodemon nodejs-packaging...

7.5CVSS7.5AI score0.03906EPSS
Exploits1
Rockylinux
Rockylinux
added 2023/08/08 12:33 p.m.14 views

sos bug fix and enhancement update

An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/08/02 12:0 a.m.11 views

Lack of protection when caling CusdcV3Wrapper._withdraw

Lines of code Vulnerability details Impact When unwrapping the wComet to its rebasing comet, users with an equivalent amount of wComet invoking CusdcV3Wrapper.withdraw at around the same time could end up having different percentage gains because comet is not linearly rebasing. Moreover, the...

6.8AI score
Exploits0
Oracle linux
Oracle linux
added 2023/08/02 12:0 a.m.21 views

mod_auth_openidc:2.3 security update

cjose 0.6.1-3 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-1 - Resolves: rhbz2025368 - Rebase to new version...

8.6CVSS7AI score0.0071EPSS
Exploits1
Oracle linux
Oracle linux
added 2023/07/26 12:0 a.m.59 views

linux-firmware security update

20230516-999.20.git6c9e0ed5.el7 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode 20230516-999.19.git6c9e0ed5.el7 - Rebase to upstream - Revert removal of old iwlwifi firmwares Orabug: 35260375...

5.5CVSS6.5AI score0.05794EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/07/11 1:58 a.m.4 views

SUSE CVE-2021-32494

Radare2 has a division by zero vulnerability in Mach-O parser's rebasebuffer function. This allow attackers to create malicious inputs that can cause denial of service...

10CVSS6.9AI score0.00837EPSS
Exploits1References3
OSV
OSV
added 2023/07/07 7:15 p.m.5 views

UBUNTU-CVE-2021-32494

Radare2 has a division by zero vulnerability in Mach-O parser's rebasebuffer function. This allow attackers to create malicious inputs that can cause denial of service...

10CVSS5.8AI score0.00837EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/07 12:0 a.m.10 views

PT-2023-12170 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: Radare2 affected versions not specified Description: The issue is related to a division by zero vulnerability in the Mach-O parser's rebase buffer function. This vulnerability allows attackers to create malicious inputs that can cause a denia...

10CVSS8.2AI score0.00837EPSS
Exploits1References8
Rows per page
Query Builder