44 matches found
LienToken: Lender and liquidator can collude to block auction and seize collateral
Lines of code Vulnerability details If a lender offers a loan denominated in an ERC20 token that blocks transfers to certain addresses for example, the USDT and USDC blocklist, they may collude with a liquidator or act as the liquidator themselves to prevent loan payments, block all bids in the...
Tor domain remains online after Feds seize Z-Library websites
By Waqas Z-Library offered pirated e-books for free and proved a suitable alternative to expensive originals. This is a post from HackRead.com Read the original post: Tor domain remains online after Feds seize Z-Library websites...
kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
A flaw was found in the Linux kernel. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag, possibly disabling seccomp...
Mitel MiCollab 安全漏洞
Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A security vulnerability exists in Mitel MiCollab versions 9.1.3 through 9.5.0.101, which stems from an incorrect authorization control in the...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2384)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
...
The vulnerability of the system call PTRACE_SEIZE in the secure computing mode of the Linux operating system’s kernel’s seccomp mechanism allows a attacker to increase their privileges.
The vulnerability of the system call PTRACESEIZE in the secure computing mode of the Linux operating system’s kernel’s seccomp mechanism is related to the possibility of circumventing restrictions on the use of the PTSUSPENDSECCOMP flag. Exploiting this vulnerability can allow an attacker to...
AZL-9747 CVE-2022-30594 affecting package kernel for versions less than 5.15.37.1-2
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...
CVE-2022-30594
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...
DEBIAN-CVE-2022-30594
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...
UBUNTU-CVE-2022-30594
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...
Oracle MySQL 输入验证错误漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components.MySQL Connectors is one of the drivers for connecting applications that use MySQL. An input validation error vulnerability exists in Oracle MySQL that...
PT-2022-2565 · Linux +9 · Linux Kernel +9
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.2 Description: The issue is related to the mishandling of seccomp permissions in the Linux kernel. Specifically, the PTRACE SEIZE code path allows attackers to bypass intended restrictions on setting the PT...
[WP-H4] The collateral assets impounded with settleBadDebt() will be frozen in the insuranceFund contract
Lines of code Vulnerability details In MarginAccount.solsettleBadDebt, the collateral assets will be seized and transferred to the insuranceFund contract. However, there is no way for the liquidity providers of the insuranceFund to get back the collateral assets. In the current implementation,...
Feds seize WeLeakInfo.com for selling stolen databases
By Sudais Asif WeLeakInfo.com was home to over 10,000 data breaches containing over 12 billion indexed records. This is a post from HackRead.com Read the original post: Feds seize WeLeakInfo.com for selling stolen databases...
Europol Shuts Down Two Major Illegal 'Dark Web' Trading Platforms
Europol announced the shut down of two prolific dark web marketplaces—Wall Street Market and Silkkitie also known as Valhalla—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods. Police in wester...
Authorities seize 15 popular DDoS-for-hire websites
By Waqas Authorities have seized and shut down 15 popular DDoS-for-hire websites used by cybercriminals for revenge and DDoS distributed denial of service attacks on private individuals as well as businesses including online gaming giants, email service providers and hosting sites. The operation...
Authorities bust world’s largest DDoS-for-hire service & seize its domain
By Waqas In a large-scale joint operation called "Operation Power Off", the This is a post from HackRead.com Read the original post: Authorities bust world's largest DDoS-for-hire service & seize its domain...
Feds Seize BTC-E exchange website – CoinBase suffers DDoS attacks
By Waqas A couple of days ago it was reported that the 38-year-old Russian This is a post from HackRead.com Read the original post: Feds Seize BTC-E exchange website CoinBase suffers DDoS attacks...
Unspecified vulnerability in Moodle (CNVD-2017-06924)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. There is a security vulnerability in Moodle versions 2.x and 3.x. A remote attacker...