Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-2171

Malware in sbrugna...

6.5CVSS6.4AI score0.00978EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/15 8:2 p.m.11 views

CVE-2025-10475 SpyShelter IOCTL SpyShelter.sys denial of service

A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and...

6.8CVSS0.00138EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.11 views

Shelter Soul: Bridging Shelters and Adopters through Technology

Pet adoption processes often face inefficiencies, including limited accessibility, lack of real-time information, and mismatched expectations between shelters and adopters. To address these challenges, this study presents Shelter Soul, a technology-based solution designed to streamline pet adopti...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.3 views

PT-2025-14153 · WordPress · Photoshelter For Photographers Blog Feed Plugin

Name of the Vulnerable Software and Affected Versions: PhotoShelter for Photographers Blog Feed Plugin versions 1.5.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attack...

6.5CVSS7AI score0.00331EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2024/03/28 1:45 p.m.5 views

animalshelter.org Cross Site Scripting vulnerability OBB-3890520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/28 8:31 p.m.18 views

shelter-srl.com Cross Site Scripting vulnerability OBB-3474789

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Code423n4
Code423n4
added 2022/04/28 12:0 a.m.11 views

Shelter donations result in wrong internal balance if fee-on-transfer token is used

Judge @GalloDaSballo has assessed the 2nd Low-severity item in QA Report 66 as Medium risk. The relevant finding follows: … In case of a fee-on-transfer ERC20 token the savedTokens balance will not represent the actual balance of the contract: You can either disable the use of fee-on-transfer...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.12 views

Shelter funds can be stolen

Lines of code Vulnerability details Impact Shelter has a function withdraw that lets whitelisted users withdraw a specified amount of some token. The function does not check if the user has already withdrew the tokens. Since, a user can withdraw allowed amount any number of times, stealing all th...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.10 views

Repeated Calls to Shelter.withdraw Can Drain All Funds in Shelter

Lines of code Vulnerability details Impact tl;dr Anyone who can call withdraw to withdraw their own funds can call it repeatedly to withdraw the funds of others. withdraw should only succeed if the user hasn't withdrawn the token already. The shelter can be used for users to withdraw funds in the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.6 views

Shelter sets wrong claimed field

Lines of code Vulnerability details The Sheler.withdraw function sets the claimedtokenuser field but uses the shares of msg.sender. An attacker can withdraw tokens several times passing different to addresses, each time the msg.sender's shares will be used to receive tokens. function withdrawIERC...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.8 views

Shelter withdraw does not check if user already claimed

Lines of code Vulnerability details Impact Shelter withdraw does not check if user already claimed. This allow any user with non-zero claim to drain the Shelter. Proof of Concept function withdrawIERC20 token, address to external override requireactivatedtoken != 0 && activatedtoken + GRACEPERIOD...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.13 views

Shelter.claim does not check if already claimed

Lines of code Vulnerability details The Sheler.withdraw function sets the claimedtokenuser field but does not check if the user is allowed to claim by checking require!claimedtokenuser, "already claimed". function withdrawIERC20 token, address to external override requireactivatedtoken != 0 &&...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.7 views

double spend in Shelter

Lines of code Vulnerability details in the withdraw function in Shelter, one can withdraw infinite times, and by doing so, draining the system. the function doesn't check that the shares aren't already withdrawn. --- The text was updated successfully, but these errors were encountered: All reacti...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.10 views

Repeated withdrawals from Shelter

Lines of code Vulnerability details Impact function withdraw in Shelter sets claimed flag: claimedtokento = true; but it never actually checks if the user has already claimed, so users can invoke the withdrawal function multiple times and claim more rewards than were entitled. Recommended...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.5 views

All Tokens Can Be Stolen From Shelter Contract

Lines of code Vulnerability details Impact function withdrawIERC20 token, address to external override requireactivatedtoken != 0 && activatedtoken + GRACEPERIOD block.timestamp, "shelter not activated"; uint256 amount = savedTokenstoken client.shareOftoken, msg.sender / client.totalSharetoken;...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.9 views

claimed of _to set to true

Lines of code Vulnerability details Impact Function withdraw in Shelter calculates the amount based on shares of msg.sender, but sets the claimed flag of to: uint256 amount = savedTokenstoken client.shareOftoken, msg.sender / client.totalSharetoken; claimedtokento = true; This means a malicious...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/08 3:31 p.m.41 views

Lock and Code S1Ep8: Securely working from home (WFH) with John Donovan and Adam Kujawa

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to John Donovan, head of security at Malwarebytes, and Adam Kujawa, director of Malwarebtyes Labs, about securely working from home WFH. With shelter-in-pla...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/04/22 2:41 a.m.26 views

england.shelter.org.uk XSS vulnerability

Open Bug Bounty ID: OBB-606168 Description| Value ---|--- Affected Website:| england.shelter.org.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
hackapp
hackapp
added 2017/03/09 3:48 p.m.143 views

Fallout Shelter - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Fallout Shelter published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:23 a.m.10 views

Pet Shelter Hero - Customized SSL, Dangerous filesystem permissions, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application Pet Shelter Hero published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder