Florida hospital takes entire IT systems offline after 'ransomware attack'

Tallahassee Memorial Healthcare TMH, a major hospital system in northern Florida, has reportedly been experiencing an "IT security issue" since Thursday evening, which impacted some of its IT systems. When TMH learned of the issue, it took its entire IT systems offline as a precaution and contact...

Unchecked that the to address is nto the address of the tokens

Lines of code Vulnerability details Impact In the swap function, it is unchecked that the to address is not the address of the tokens. This will not lead to a loss of funds because the flashloan will actually revert, but sanity checks like this one should be made following for instance uniswap...

Mismatch in if statement check for long0, long1 and shortAmount

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. As stated in the comment of the lines referenced below, long0Amount and long1Amount could be zero but the code is wrongly implemented which could lead to unexpected behavior of the code. The 'shortAmoun...

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

Unhandled Revert in _performERC721Transfer Function Resulting in Loss of Tokens.

Lines of code Vulnerability details Impact transferFrom function is used to transfer ownership of ERC721 tokens from one address to another. If this function reverts, it means that the transfer failed, and the ownership of the tokens should not be changed. However, the code in the...

SQL Injection in search function

Description In the search function \ \ \ \ With options recentplayed, user input is taken directly into the query without being included in the prepare statement \ \ \ Proof of Concept POST /ampache-5.5.6allphp7.4/public/search.php?type=song HTTP/1.1 Host: localhost:8888 User-Agent: Mozilla/5.0...

EulerOS Virtualization 3.0.2.6 : mariadb (EulerOS-SA-2023-1071)

According to the versions of the mariadb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expressio...

Sql injection

The Visual Email Designer for WooCommerce WordPress plugin before 1.7.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

Sql injection

The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

Sql injection

The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users...

CVE-2022-28228

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash...

Design/Logic Flaw

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash...

YDB 缓冲区错误漏洞

YDB is an open source distributed SQL database from YDB Platform Open Source. YDB has a security vulnerability that stems from the fact that an attacker can construct a query using an insert statement to achieve an out-of-bounds read resulting in reading sensitive information from other memory...

CVE-2022-28228

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash...

CVE-2022-3981

The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscriber...

CVE-2022-3981 Icegram Express < 5.5.1 - Subscriber+ SQLi

The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscriber...

CVE-2022-2993 bt: host: Wrong key validation check

There is an error in the condition of the last if-statement in the function smpcheckkeys. It was rejecting current keys if all requirements were unmet...

CVE-2022-41560 TIBCO Nimbus Denial of Service Vulnerability

The Statement Set Upload via the Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Denial of Service Attack on the affected system. Affected releases are TIBCO Software...

Web Invoice <= 2.1.3 - Authenticated SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as subscriber could exploit this as well PoC...

Redeem should revert if the TokenSender.sol doesn’t have enough outputtoken to reimburse to users.

Lines of code https://github.com/prepo-io/prepo-monorepo/blob/49a7ed94272db013245d9364e69be713a8aef0a2/apps/smart-contracts/core/contracts/TokenSender.solL41 Vulnerability details According to the comments in the code of RedeemHook.hook function : Once a market has ended, users can directly settl...