PT-2022-3967 · Cisco · Cisco Small Business Rv345 +3

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers affected versions not specified Description: The issue is related to multiple vulnerabilities in the Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers, which...

Attackers can call update and grief users from swapping tokens or minting/burning because those functions divide by zero

Lines of code Vulnerability details Details An attacker can specify reserve0 and reserve1 in update function and make them both zero. Every function using those variable to divide would revert causing a dos and causing lost of gas for users proof of concept Attacker has a contract that just keeps...

TWAV can be attacked by flash loan

Lines of code Vulnerability details Impact updateTWAV can be flash loaned. Hacker may pay the flash loan fee for 4 blocks then execute the attack after that. Proof of Concept function updateTWAVuint256 valuation, uint32 blockTimestamp internal uint32 timeElapsed; unchecked timeElapsed =...

Attacker can steal all tokens from pools

Lines of code Vulnerability details Attacker can steal all tokens from pool 2 issues 1.On deployment totalsupply is zero and reserve0 and reserve1 is zero called minting 103 to address zero And if tokens have supply in them amount0=1018 amount1=1018 liquidity= sqr1e36 - 103 =1015 which is still...

CVE-2022-31390

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

CVE-2022-31390

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

Server side request forgery (ssrf)

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

CVE-2022-31390

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

JIZHICMS 代码问题漏洞

Extreme Networks Technology JIZHICMS Extreme CMS is an open source content management system CMS from China's Extreme Networks Technology Company. A security vulnerability exists in JIZHICMS version v2.2.5, which originated from a server-side request forgery SSRF vulnerability discovered through...

CVE-2022-27438

CVE-2022-27438 affects Caphyon Advanced Installer 19.3 and earlier and products using the Advanced Updater. The root cause is a remote code execution vulnerability in the update check function via the CustomDetection parameter. Exploitation requires starting an affected installation to trigger th...

TOTOLINK A3100R 安全漏洞

TotoLink A3100R is a series of wireless routers from TotoLink, Taiwan, China.TotoLink A3100R version V4.1.2cu.5050B20200504 and V4.1.2cu.5247B20211129 are vulnerable to command injection, which originates from uci cloudupdateconfig function in the magicid parameter fails to properly filter the...

CDP.sol update overwrites user's credit on every positive increment

Handle harleythedog Vulnerability details Impact Within CDP.sol there is a function called update. This function slowly decreases the debt of a position as yield is earned, until the debt is fully paid off, and the idea is then that the credit should begin incrementing as more yield is accumulate...

Lack of data validation in update function

Handle Koustre Vulnerability details Impact There is no data validation of the data input into update function in MochiCSSRv0.sol. Allowing anyone to set the price of any non ERC20 token that is not a bluechip asset DAI, WETH, ETH, etc. Proof of Concept Provide direct links to all referenced code...

Historic data being requested as a part of MochiVault.withdraw and borrow functions can be outdated, so a user can avoid historic data update with sending old piece of _data

Handle hyh Vulnerability details Impact Asking to provide historic data proof doesn't imply that pricing is current, a malicious user can wait for market volatility and do deposit/borrow sequence with outdated price, borrowing more than current market value of supplied assets for example, suppose...

MochiCSSRv0.update() Does Not Operate Correctly On Bluechip Assets

Handle leastwood Vulnerability details Impact Mochi vaults query price feeds for updates via the update function in MochiCSSRv0.sol. If the asset to be queried is a bluechip asset, the function will call getPrice on an adapter which adheres to the ICSSRAdapter interface. If the adapter is not...

Traffic Factory: WordPress Plugin Update Confusion at trafficfactory.com

Hi, I'm currently researching a "novel" supply chain attack affecting WordPress plugins, and I believe your website might be vulnerable. The way it works is similar to a recent Dependency Confusion attack, where a malicious actor can take over internal packages unclaimed on PyPI / npm registry. I...

Information disclosure

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information...

CVE-2020-22535

Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php...

VMware vCenter Server 6.5 / 6.7 Session Hijack (VMSA-2020-0023)

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5u3k or 6.7 prior to 6.7u3. It is, therefore, affected by a session hijack vulnerability in the vCenter Server Appliance. Management Interface update function due to a lack of certificate validation. A malicious...

Cross-Site Scripting (XSS)

BizCharts is vulnerable to cross site scripting. The package fails to sanitize config data in the update function, allowing attackers to inject and execute arbitrary code in a victim's browser...