Lucene search
K

19 matches found

EUVD
EUVD
added 2026/06/10 5:16 p.m.11 views

EUVD-2026-36084

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability editsavedsearchowner could reassign sav...

5.5CVSS5.5AI score0.00189EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41428

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00479EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:31 a.m.8 views

CVE-2024-45304

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

6.5CVSS7.1AI score0.00479EPSS
Exploits0
Veracode
Veracode
added 2025/03/13 3:23 a.m.8 views

Repository Takeover

github.com/go-vela/server is vulnerable to Repository Takeover. The vulnerability is due to improper validation of webhook headers and body data, allowing an attacker to forge requests and transfer repository ownership along with its secrets...

8.5CVSS6.7AI score0.00246EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.3 views

Netsweeper 安全漏洞

Netsweeper is a web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper v.8.2.6 and prior versions that stems from a lack of server-side authentication in the account management interface, which could lead to unauthorized reassignment of account...

8.1CVSS6.8AI score0.00328EPSS
Exploits0References3
NVD
NVD
added 2024/08/31 12:15 a.m.29 views

CVE-2024-45304

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

6.5CVSS0.00479EPSS
Exploits0References3
OSV
OSV
added 2024/08/30 11:51 p.m.21 views

CVE-2024-45304 OwnableTwoStep allows a pending owner to accept ownership after the original owner has renounced ownership in cairo-contracts

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

5.3CVSS6.8AI score0.00479EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/08/30 11:51 p.m.14 views

CVE-2024-45304 OwnableTwoStep allows a pending owner to accept ownership after the original owner has renounced ownership in cairo-contracts

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

5.3CVSS7.3AI score0.00479EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/30 11:51 p.m.32 views

CVE-2024-45304 OwnableTwoStep allows a pending owner to accept ownership after the original owner has renounced ownership in cairo-contracts

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

5.3CVSS0.00479EPSS
Exploits0References3
Prion
Prion
added 2024/02/28 12:15 p.m.27 views

Design/Logic Flaw

A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...

4CVSS4.7AI score0.00866EPSS
Exploits0References2
Prion
Prion
added 2024/02/20 5:15 a.m.22 views

Code injection

Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page...

7.1AI score0.00479EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.7 views

Anyone can burn/steal other users' wrapped follow NFTs

Lines of code Vulnerability details Impact Anyone can unwrap any follow NFT Attackers can steal follows by burning them Owners lose their follows without consent Proof of Concept The lack of ownership check in the unwrap function creates a vulnerability where anyone can unwrap and steal a follow...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.5 views

No way of transfering Ownership/Wrong use of Interface

Lines of code Vulnerability details Impact From my understanding there is no way to change the owner which can lead to funds can be stuck if an AMM and governance change/upgrade is required. There is risk if the owner keys get compromised - also there is no progressive security if you can't chang...

6.7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 4:23 a.m.31 views

Security Bulletin: SONAS Fix Available for Incorrect Permission Checks when Granting/Removing Privilege (CVE-2012-2111)

Abstract SONAS includes a version of Samba that is affected by a vulnerability that allows a user to take ownership of files and directories that they do not own. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-2111 DESCRIPTION: An error in the Remote Procedure Call RPC code in Samba results in a...

6.5CVSS8.1AI score0.04803EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/08/05 12:0 a.m.25 views

BTC2X has an unspecified vulnerability

BTC2X B2X is an application. The smart contract implements its own functionality, a tradable Ether ERC20 token with unprotected ownership, which allows anyone to become the owner of the contract, including the recipient. there is a security vulnerability in BTC2X that could be exploited by an...

7.5CVSS4.3AI score0.01072EPSS
Exploits1References1
Prion
Prion
added 2020/12/30 8:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in a smart contract implementation for AIRDROPX BORN through 2019-05-29, an Ethereum token. The name of the constructor has a typo wrong case: XBornID versus XBORNID that allows an attacker to change the owner of the contract and obtain cryptocurrency for free...

5CVSS7.5AI score0.01197EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/12/31 4:15 p.m.10 views

CVE-2018-19831

The ToOwner function of a smart contract implementation for Cryptbond Network CBN, an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity...

7.5CVSS7.5AI score0.00931EPSS
Exploits0References1
NVD
NVD
added 2019/12/31 4:15 p.m.14 views

CVE-2018-19832

The NETM function of a smart contract implementation for NewIntelTechMedia NETM, an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity...

7.5CVSS7.5AI score0.00931EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2010/04/16 7:0 p.m.31 views

CVE-2010-1161

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files...

3.7CVSS6.1AI score0.00275EPSS
Exploits0
Rows per page
Query Builder