4 matches found
EUVD-2021-1097
Malware in sbrugna...
CVE-2025-43918
SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that...
Missing approval check
Lines of code Vulnerability details Proof of Concept The lpToken.mint function is called with the msg.sender as the recipient, but there is no check to ensure that the sender has approved the contract to transfer the fractional tokens on their behalf. If the lptoken.mint function is missing a che...
Design/Logic Flaw
In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API can result in the possible issuance of an X.509 certificate with a URI SAN for a SPIFFE ID that the agent is not authorized to...