
4539 matches found

Vulnrichment
added 2023/10/30 4:56 p.m. · 12 views

CVE-2023-21306

In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 6 · EPSS 0.00025
Exploits 0 · References 1

Positive Technologies
added 2023/10/30 12:0 a.m. · 3 views

PT-2023-18086 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no...

CVSS 5.5 · AI score 4.9 · EPSS 0.00025
Exploits 0 · References 4

Code423n4
added 2023/10/25 12:0 a.m. · 5 views

Upgraded Q -> 2 from #1784 [1698218728214]

Judge has assessed an item in Issue 1784 as 2 risk. The relevant finding follows: Low -2 UniV2LiquidityAmo.sol accounting might be temporarily out of sync In UniV2LiquidityAmo.sol, sync is an external function that can be called by anyone to update the lpTokenBalance. And lpTokenBalance is modifi...

AI score 7
Exploits 0

Code423n4
added 2023/10/24 12:0 a.m. · 7 views

Upgraded Q -> 2 from #425 [1698130939448]

Judge has assessed an item in Issue 425 as 2 risk. The relevant finding follows: 6. UniLiquidityAmo contracts don't synchronize reserve balances of RdpxV2Core in some cases Impact Developer from Dopex said that “we keep the balances to check the health of dpxEth”. I talk about these balances: //...

AI score 7.2
Exploits 0

Code423n4
added 2023/10/11 12:0 a.m. · 7 views

ENS (ERC20Votes) token transferred to the proxy contract will be lost forever.

Lines of code Vulnerability details Impact ENS ERC20Votes token transferred to the proxy contract will be lost forever. As delegation amount is out of sync with the ERC1155 balance if the ENS token is transferred to the proxy contract. Proof of Concept When the user delegates 100 tokens to A, the...

AI score 7
Exploits 0

OSV
added 2023/10/10 3:1 p.m. · 2 views

USN-6425-1 samba vulnerabilities

Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. CVE-2023-4091 Andrew Bartlett discovered that Samba incorrectly handl...

CVSS 7.5 · AI score 6.8 · EPSS 0.00578
Exploits 0 · References 5

RedHat Linux
added 2023/10/09 2:4 p.m. · 4 views

nodejs: Permissions policies can be bypassed via process.binding

A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5

Spring Engineering
added 2023/09/28 12:0 a.m. · 20 views

Producer Initiated Transactions in Spring Cloud Stream Kafka Applications

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications This article is part 2 of the blog series in which we look at transactions in detail with Spring Cloud Stream and Apache Kafka. We saw a general introduction to transactions in the...

AI score 7
Exploits 0

RedHat Linux
added 2023/09/26 3:5 p.m. · 1 views

nodejs: Permissions policies can be bypassed via process.binding

A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5

RedHat Linux
added 2023/09/26 2:59 p.m. · 0 views

nodejs: Permissions policies can be bypassed via process.binding

A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5

RedHat Linux
added 2023/09/26 2:56 p.m. · 2 views

nodejs: Permissions policies can be bypassed via process.binding

A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5

RedHat Linux
added 2023/09/26 2:56 p.m. · 0 views

nodejs: Permissions policies can be bypassed via process.binding

A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5

Microsoft KB
added 2023/09/26 12:0 a.m. · 2 views

September 26, 2023—KB5030310 (OS Build 22621.2361) Preview

September 26, 2023—KB5030310 OS Build 22621.2361 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate ...

AI score 6.5
Exploits 0

HackRead
added 2023/09/15 8:50 p.m. · 13 views

Google Account Sync Vulnerability Exploited to Steal $15M

By Habiba Rashid According to reports, a Google Account Sync vulnerability was exploited to carry out a voice phishing scam that led to the theft of $15 million from Fortress Trust. This is a post from HackRead.com Read the original post: Google Account Sync Vulnerability Exploited to Steal $15M...

AI score 6.9
Exploits 0

OSV
added 2023/09/11 8:43 p.m. · 6 views

GHSA-36XM-35QQ-795W Inventory exposes reference to non-Sync data to an arbitrary thread

Affected versions do not enforce a Sync bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them. A caller could use this flaw to submit thread-unsafe data into inventory,...

AI score 7
Exploits 0 · References 4

Github Security Blog
added 2023/09/11 8:43 p.m. · 16 views

Inventory exposes reference to non-Sync data to an arbitrary thread

Affected versions do not enforce a Sync bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them. A caller could use this flaw to submit thread-unsafe data into inventory,...

AI score 6.9
Exploits 0 · References 4 · Affected Software 1

Citrix
added 2023/09/11 12:0 a.m. · 4 views

NetScaler NTP sync failure when NTP server Root Dispersion value greater than 1 second

NetScaler NTP sync failure when Root Dispersion value is larger than 1 second. Dispersion is the maximum difference recorded between the NTP client and the NTP server recorded in seconds. Root Dispersion measures the maximum amount of variance between the NTP server and its known time source. If...

AI score 7.1
Exploits 0

OSV
added 2023/09/10 12:0 p.m. · 9 views

RUSTSEC-2023-0058 Exposes reference to non-Sync data to an arbitrary thread

Affected versions do not enforce a Sync bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them. A caller could use this flaw to submit thread-unsafe data into inventory,...

AI score 7
Exploits 0 · References 3

Positive Technologies
added 2023/09/08 12:0 a.m. · 3 views

PT-2023-8925 · Qualcomm · Qualcomm Chipsets

Name of the Vulnerable Software and Affected Versions: Qualcomm chipsets affected versions not specified Description: The issue is related to memory corruption that occurs when submitting a large list of sync points in an AUX command to the IOCTL KGSL GPU AUX COMMAND. This can potentially allow a...

CVSS 8.4 · AI score 8.4 · EPSS 0.0017
Exploits 0 · References 21

Code423n4
added 2023/09/06 12:0 a.m. · 10 views

Attacker can DOS the sync function of RdpxV2Core which will brick critical functionality

Lines of code Vulnerability details Impact The sync function of the RdpxV2Core contract is critical for ensuring that the cached balances of the tokens in the contract are up to date. For example, all of the AMO logic involves sending tokens directly to the RdpxV2Core contract, meaning there's no...

AI score 6.8
Exploits 0