Lucene search
K

438 matches found

CNNVD
CNNVD
added 2022/12/05 12:0 a.m.3 views

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an out-of-bounds read vulnerability in the power consumption module. An attacker...

7.5CVSS7.4AI score0.00447EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/11/21 12:0 a.m.14 views

Upgraded Q -> M from #418 [1669043788344]

Judge has assessed an item in Issue 418 as M risk. The relevant finding follows: 1. LBRouter's swapAVAXForExactTokens not working as intended LBRouter's swapAVAXForExactTokens will only work when sending exact msg.value = amountIn0. The functionality which returns excess funds to the user in the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.13 views

Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked

Lines of code Vulnerability details Impact Based on the current implementation, when the protocol wants to use Chainlink oracle data feed for getting a collateral token's price, the fixed price for the token should not be set. When the fixed price is not set for the token, calling the Oracle...

6.7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/17 9:16 p.m.9 views

CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

10CVSS7.2AI score0.00696EPSS
Exploits0References1
HackRead
HackRead
added 2022/09/21 9:4 p.m.9 views

How DeFiChain gives DeFi a major boost with innovative decentralized assets

By Owais Sultan In this article, we’ll be exploring the landscape of DeFi, demonstrating how the recent DeFiChain developments are set to innovate the industry as a whole and drive the usability of DeFi. This is a post from HackRead.com Read the original post: How DeFiChain gives DeFi a major boo...

1.6AI score
Exploits0
Code423n4
Code423n4
added 2022/08/06 12:0 a.m.7 views

New owner of user proxy can prevent old owner from using the system

Lines of code Vulnerability details Impact In deployFor, owner is called if there is already an entry for the provided address. This can be exploited by a sophisticated attacker to make the system completely unusable for a user. Proof Of Concept Alice transfers her proxy to Bob through...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/22 12:17 p.m.27 views

Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'

Microsoft has officially resumed blocking Visual Basic for Applications VBA macros by default across Office apps, weeks after temporarily announcing plans to roll back the change. "Based on our review of customer feedback, we've made updates to both our end user and our IT admin documentation to...

Exploits0
The Hacker News
The Hacker News
added 2022/07/08 11:42 a.m.35 views

Microsoft Temporarily Rolls Back Plan to Block Office VBA Macros by Default

Five months after announcing plans to disable Visual Basic for Applications VBA macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans. "Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment...

1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/07 4:0 p.m.19 views

KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration

We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...

1AI score
Exploits0
CNVD
CNVD
added 2022/06/16 12:0 a.m.16 views

Huawei Emui and Magic UI Logic Flaw Vulnerability

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a logic flaw. An attacker could exploit the vulnerability to affect the usability of certain features...

7.5CVSS2.1AI score0.00598EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/16 12:0 a.m.13 views

Huawei Emui and Magic UI have unspecified vulnerabilities

Huawei Emui is a mobile operating system based on Android. Magic Ui is a mobile operating system based on Android. Huawei Emui and Magic UI have a security vulnerability that originates from residual files that are not removed after the ChinaDRM module is updated, which can be exploited by...

7.5CVSS2.8AI score0.00598EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.4 views

HUAWEI EMUI安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a logic flaw. An attacker could exploit the vulnerability to affect the usability of certain features...

7.5CVSS5.9AI score0.00598EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.2 views

HUAWEI EMUI 安全漏洞

Huawei Emui is a mobile operating system based on Android. Magic Ui is a mobile operating system based on Android. Huawei Emui and Magic UI have a security vulnerability that originates from residual files that are not removed after the ChinaDRM module is updated, which can be exploited by...

7.5CVSS6AI score0.00598EPSS
Exploits0References2
CNVD
CNVD
added 2022/06/08 12:0 a.m.29 views

HUAWEI HarmonyOS formatting string error vulnerability

HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS 2.0 is vulnerable to a formatting string error that can be exploited by attackers to cause usability impairments...

7.5CVSS3.1AI score0.00616EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/05 12:0 a.m.3 views

HUAWEI HarmonyOS 格式化字符串错误漏洞

HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS 2.0 is vulnerable to a formatting string error that can be exploited by attackers to cause usability impairments...

7.5CVSS5.6AI score0.00616EPSS
Exploits0References4
CNVD
CNVD
added 2022/05/17 12:0 a.m.14 views

Huawei Emui configuration flaw vulnerability

Huawei Emui is a mobile operating system developed on Android. Huawei Emui is vulnerable to a configuration flaw that could be exploited by attackers to compromise usability...

7.5CVSS3.1AI score0.00616EPSS
Exploits0References1
Code423n4
Code423n4
added 2022/05/13 12:0 a.m.10 views

Inefficiency in the Dutch Auction due to lower duration

Lines of code Vulnerability details The vulnerability or bug is in the implementation of the function getDutchAuctionStrike The AUCTIONDURATION is defined as 24 hours, and consider that the dutchAuctionReserveStrike or reserveStrike will never be set to 0 by user. Now if a vault is created with...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/07 12:0 a.m.13 views

CNft.sol - revert inside safeTransferFrom will break composability & standard behaviour

Lines of code Vulnerability details The function safeTransferFrom is a standard interface in ERC1155, and its expected to succeed if all the parametes are valid, and revert on error, which is not the case here so its a deviation. Refer to the EIP-1155 safeTransferFrom rules: MUST revert if to is...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/04 4:0 p.m.22 views

How a senior product manager is leading the passwordless movement at Microsoft

May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a seni...

7.6AI score
Exploits0
CNVD
CNVD
added 2022/04/22 12:0 a.m.14 views

Huawei HarmonyOS Licensing Issue Vulnerability (CNVD-2022-44618)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. Huawei HarmonyOS is vulnerable to licensing issues. Successful exploitation of this vulnerability could result in a usability impact. An attacker could use this vulnerability to bypass Web authentication and gain administrati...

9.1CVSS2.2AI score0.00688EPSS
Exploits0References1
Rows per page
Query Builder