438 matches found
Huawei HarmonyOS 缓冲区错误漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an out-of-bounds read vulnerability in the power consumption module. An attacker...
Upgraded Q -> M from #418 [1669043788344]
Judge has assessed an item in Issue 418 as M risk. The relevant finding follows: 1. LBRouter's swapAVAXForExactTokens not working as intended LBRouter's swapAVAXForExactTokens will only work when sending exact msg.value = amountIn0. The functionality which returns excess funds to the user in the...
Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked
Lines of code Vulnerability details Impact Based on the current implementation, when the protocol wants to use Chainlink oracle data feed for getting a collateral token's price, the fixed price for the token should not be set. When the fixed price is not set for the token, calling the Oracle...
CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource
In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...
How DeFiChain gives DeFi a major boost with innovative decentralized assets
By Owais Sultan In this article, we’ll be exploring the landscape of DeFi, demonstrating how the recent DeFiChain developments are set to innovate the industry as a whole and drive the usability of DeFi. This is a post from HackRead.com Read the original post: How DeFiChain gives DeFi a major boo...
New owner of user proxy can prevent old owner from using the system
Lines of code Vulnerability details Impact In deployFor, owner is called if there is already an entry for the provided address. This can be exploited by a sophisticated attacker to make the system completely unusable for a user. Proof Of Concept Alice transfers her proxy to Bob through...
Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'
Microsoft has officially resumed blocking Visual Basic for Applications VBA macros by default across Office apps, weeks after temporarily announcing plans to roll back the change. "Based on our review of customer feedback, we've made updates to both our end user and our IT admin documentation to...
Microsoft Temporarily Rolls Back Plan to Block Office VBA Macros by Default
Five months after announcing plans to disable Visual Basic for Applications VBA macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans. "Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment...
KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration
We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...
Huawei Emui and Magic UI Logic Flaw Vulnerability
Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a logic flaw. An attacker could exploit the vulnerability to affect the usability of certain features...
Huawei Emui and Magic UI have unspecified vulnerabilities
Huawei Emui is a mobile operating system based on Android. Magic Ui is a mobile operating system based on Android. Huawei Emui and Magic UI have a security vulnerability that originates from residual files that are not removed after the ChinaDRM module is updated, which can be exploited by...
HUAWEI EMUI安全漏洞
Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a logic flaw. An attacker could exploit the vulnerability to affect the usability of certain features...
HUAWEI EMUI 安全漏洞
Huawei Emui is a mobile operating system based on Android. Magic Ui is a mobile operating system based on Android. Huawei Emui and Magic UI have a security vulnerability that originates from residual files that are not removed after the ChinaDRM module is updated, which can be exploited by...
HUAWEI HarmonyOS formatting string error vulnerability
HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS 2.0 is vulnerable to a formatting string error that can be exploited by attackers to cause usability impairments...
HUAWEI HarmonyOS 格式化字符串错误漏洞
HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS 2.0 is vulnerable to a formatting string error that can be exploited by attackers to cause usability impairments...
Huawei Emui configuration flaw vulnerability
Huawei Emui is a mobile operating system developed on Android. Huawei Emui is vulnerable to a configuration flaw that could be exploited by attackers to compromise usability...
Inefficiency in the Dutch Auction due to lower duration
Lines of code Vulnerability details The vulnerability or bug is in the implementation of the function getDutchAuctionStrike The AUCTIONDURATION is defined as 24 hours, and consider that the dutchAuctionReserveStrike or reserveStrike will never be set to 0 by user. Now if a vault is created with...
CNft.sol - revert inside safeTransferFrom will break composability & standard behaviour
Lines of code Vulnerability details The function safeTransferFrom is a standard interface in ERC1155, and its expected to succeed if all the parametes are valid, and revert on error, which is not the case here so its a deviation. Refer to the EIP-1155 safeTransferFrom rules: MUST revert if to is...
How a senior product manager is leading the passwordless movement at Microsoft
May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a seni...
Huawei HarmonyOS Licensing Issue Vulnerability (CNVD-2022-44618)
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. Huawei HarmonyOS is vulnerable to licensing issues. Successful exploitation of this vulnerability could result in a usability impact. An attacker could use this vulnerability to bypass Web authentication and gain administrati...