
528 matches found

Code423n4
added 2023/10/20 12:0 a.m. · 25 views

The same console addresses on other chains can be captured by compromised or malicious owner

Lines of code Vulnerability details Impact The same order of owners addresses lets generate the same console address on all chains. But any owner from the list can deploy console accounts on other chains with threshold parameter equals 1 and then change owners in these accounts, i.e. capture thes...

7 AI score
Exploits: 0
Positive Technologies
added 2023/10/17 12:0 a.m. · 3 views

PT-2023-29347 · Unknown · Byconsole Wooodt Lite

Name of the Vulnerable Software and Affected Versions: ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin versions = 2.4.6 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicio...

7.1 CVSS · 6.3 AI score · 0.00331 EPSS
Exploits: 0 · References: 6
OSV
added 2023/10/10 2:15 p.m. · 9 views

AZL-31346 CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5 CVSS · 7 AI score · 0.99999 EPSS
Exploits: 19 · References: 1
Positive Technologies
added 2023/09/27 12:0 a.m. · 4 views

PT-2023-23673 · Red Hat · Openshift Container Platform For Ibm Linuxone +4

Name of the Vulnerable Software and Affected Versions: undertow affected versions not specified jboss enterprise application platform affected versions not specified jboss enterprise application platform text-only advisories affected versions not specified openshift container platform affected...

7.5 CVSS · 7.6 AI score · 0.02044 EPSS
Exploits: 0 · References: 26
Code423n4
added 2023/09/14 12:0 a.m. · 15 views

Allowing price updates once in an epoch is extremely risky and open windows to a lot of issues

Lines of code Vulnerability details Impact Protocol currently knows about how this could be an effect, since the comments to both previewDeposit and convertToShares suggest that any difference attached to this should be considered slippage, but measures are not taken to ensure that this slippage ...

6.7 AI score
Exploits: 0
OSV
added 2023/09/11 2:15 p.m. · 5 views

CVE-2023-36980

An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold...

5.3 CVSS · 5.7 AI score · 0.00358 EPSS
Exploits: 0 · References: 2
NVD
added 2023/09/11 2:15 p.m. · 9 views

CVE-2023-36980

An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold...

5.3 CVSS · 5.3 AI score · 0.00358 EPSS
Exploits: 0 · References: 2
ATTACKERKB
added 2023/09/11 2:15 p.m. · 7 views

CVE-2023-36980

An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold...

5.3 CVSS · 6 AI score · 0.00358 EPSS
Exploits: 0 · References: 3
Cvelist
added 2023/09/11 12:0 a.m. · 20 views

CVE-2023-36980

An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold...

5.6 AI score · 0.00358 EPSS
Exploits: 0 · References: 2
Vulnrichment
added 2023/09/11 12:0 a.m. · 10 views

CVE-2023-36980

An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold...

6.8 AI score · 0.00358 EPSS
Exploits: 0 · References: 2
Code423n4
added 2023/09/07 12:0 a.m. · 4 views

User will loss his funds forever if Threshold are not met .

Lines of code Vulnerability details Impact mintIfThresholdMet function is called from execute function while executing a bridging transaction . This function checks if thresholds are met and only mints token in the destination chain to the user if thresholds are met properly . However , the probl...

6.7 AI score
Exploits: 0
RedHat Linux
added 2023/08/31 1:29 p.m. · 5 views

undertow: OutOfMemoryError due to @MultipartConfig handling

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service DoS attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass...

7.5 CVSS · 7.1 AI score · 0.02044 EPSS
Exploits: 0 · References: 4
RedHat Linux
added 2023/08/31 1:27 p.m. · 5 views

undertow: OutOfMemoryError due to @MultipartConfig handling

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service DoS attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass...

7.5 CVSS · 7.1 AI score · 0.02044 EPSS
Exploits: 0 · References: 4
Code423n4
added 2023/08/10 12:0 a.m. · 9 views

Any of the role setter , nominee Vetter should not be a council (cohort) member.

Lines of code Vulnerability details Impact The privileged cohort membercouncil member can influence the member addition, removal, rotating the nominee and excluding the nominee. The function of election can be rigged, arbitrary proposals can be passed. This is easy by the council member who has...

7.3 AI score
Exploits: 0
Positive Technologies
added 2023/08/09 12:0 a.m. · 14 views

PT-2023-24237

Name of the Vulnerable Software and Affected Versions Crypto wallets implementing GG18 or GG20 TSS protocol affected versions not specified Description Crypto wallets using the GG18 or GG20 Threshold Signature Scheme TSS protocols are susceptible to an issue where an attacker can extract a full...

9.6 CVSS · 7.5 AI score · 0.01017 EPSS
Exploits: 1 · References: 14
CNNVD
added 2023/08/09 12:0 a.m. · 8 views

Lindell17 TSS Injection Vulnerability

tss-lib is an open source IO FinNet implementation of the multi-party t,n- threshold ECDSA Elliptic Curve Digital Signature Algorithm based on Gennaro and Goldfeder 20201 and EdDSA Edwards Curve Digital Signature Algorithm. A security vulnerability exists in Lindell17 TSS that stems from allowing...

9.6 CVSS · 6.8 AI score · 0.01091 EPSS
Exploits: 2 · References: 6
CNNVD
added 2023/08/09 12:0 a.m. · 3 views

GG18 TSS and GG20 TSS Injection Vulnerabilities

tss-lib is an open source IO FinNet implementation of the multi-party t,n- threshold ECDSA Elliptic Curve Digital Signature Algorithm based on Gennaro and Goldfeder 20201 and EdDSA Edwards Curve Digital Signature Algorithm. A security vulnerability exists in the GG18 , GG20 TSS that stems from...

9.6 CVSS · 6.8 AI score · 0.01017 EPSS
Exploits: 1 · References: 6
RedHat Linux
added 2023/08/07 3:19 p.m. · 7 views

undertow: OutOfMemoryError due to @MultipartConfig handling

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service DoS attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass...

7.5 CVSS · 7.1 AI score · 0.02044 EPSS
Exploits: 0 · References: 4
RedHat Linux
added 2023/08/07 3:18 p.m. · 8 views

undertow: OutOfMemoryError due to @MultipartConfig handling

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service DoS attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass...

7.5 CVSS · 7.1 AI score · 0.02044 EPSS
Exploits: 0 · References: 4
OSV
added 2023/07/25 4:15 p.m. · 1 views

DEBIAN-CVE-2023-3773

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

4.4 CVSS · 5.9 AI score · 0.00237 EPSS
Exploits: 0 · References: 1