2673 matches found
EUVD-2022-3384
Malicious code in bioql PyPI...
EUVD-2025-3347
Malicious code in bioql PyPI...
CVE-2025-61595
MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract,...
CVE-2025-61595 MANTRA tx gas limit is not enforced in send hooks
MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract,...
CVE-2025-61595
CVE-2025-61595 pertains to MANTRA Chain. Versions up to 4.0.1 do not enforce the tx gas limit in send hooks, allowing gas to be spent beyond remaining and enabling recursive calls in the wasm contract, potentially causing exponential gas consumption. The issue is fixed in version 4.0.2. Affected ...
CVE-2025-61595 MANTRA tx gas limit is not enforced in send hooks
MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract,...
CVE-2025-61595 MANTRA tx gas limit is not enforced in send hooks
MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract,...
Microsoft 365 Direct Send Abuse
The Rapid7 MDR team has observed a significant rise in the number of threat actors leveraging a lesser-known feature within Microsoft 365 called Direct Send. Rapid7 encourages organizations to immediately review their authenticated mail flow configurations, specifically related to Microsoft 365...
CVE-2023-53528
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If createqp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a seg fault. This patch...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation There is no fixed versio...
github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks
Impact send hooks can spend more gas than what's remained in tx, combined with recursive calls in the wasm contract, can amplify the gas consumption exponentially. Patches It's patched in v4.0.2 and v5.0.0 Workarounds Is there a way for users to fix or remediate the vulnerability without upgradin...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation Upgrade...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation Upgrade...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation There is no fixed versio...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation There is no fixed versio...
GHSA-QWVM-WQQ8-8J69 github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks
Impact send hooks can spend more gas than what's remained in tx, combined with recursive calls in the wasm contract, can amplify the gas consumption exponentially. Patches It's patched in v4.0.2 and v5.0.0 Workarounds Is there a way for users to fix or remediate the vulnerability without upgradin...
PT-2025-40050
Impact send hooks can spend more gas than what's remained in tx, combined with recursive calls in the wasm contract, can amplify the gas consumption exponentially. Patches It's patched in v4.0.2 and v5.0.0 Workarounds Is there a way for users to fix or remediate the vulnerability without upgradin...
PT-2025-40058
Name of the Vulnerable Software and Affected Versions MANTRA versions prior to 4.0.2 Description The software does not enforce transaction gas limits within its send hooks. This allows send hooks to consume more gas than available in the transaction, and recursive calls within the WebAssembly Was...
[SECURITY] Fedora 42 Update: trustee-guest-components-0.13.0-3.fc42
Running in a confidential VM, gather confidential-computing evidence, send it to Trustee and get secrets. A part of the confidential-containers project...
Security update for git
This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...