4 matches found
Decimal: Unbounded exponent in `Decimal.new` enables unauthenticated DoS
Summary decimal doesn't bound the exponent on parsed input, so something like "1e10000000" is parsed fine but then explodes the memory to more than 7GB if you run e.g. Decimal.addDecimal.parse"1e10000000", 1 because for positive exp, the function tail-recurses with coef 10 and exp - 1 per...
Sunbird DCIM dcTrack 安全漏洞
Sunbird DCIM dcTrack is an asset monitoring management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack that stems from remote access feature abuse and could result in network traffic redirection...
Hackers are implanting multiple backdoors at industrial targets in Japan
Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attac...
CVE-2020-12280
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php...