10 matches found
Advisory ROSA-SA-2024-2517
software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-3 CVE-ID: CVE-2019-16275 BDU-ID: 2019-04775 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...
ROS-20240410-17
The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...
Users can lost their USDY tokens in the Source Chain if something fails during the crosschain communication because there is not a validation mechanism to confirm that tokens were minted in the Destination Chain
Lines of code Vulnerability details Impact Users can lost their USDY tokens that were burnt in the Source Chain when bridging to another chain. Proof of Concept The bridging implementation solely relies and assumes that all messages sent to the Axelar Network will be validated and won't have any...
Asymmetric level of transaction validation between L1 side and L2.
Lines of code Vulnerability details Impact May have double counting of deposits? Proof of Concept On L1 side, there are validations that ensure funds don't get lost nor double counted. For example, finalizeWithdrawal may be called multiple times by allowed callers in case previous calls fail...
CVE-2020-4052
In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rendered HTML elements which contain curly-braces. By creating a crafted wiki page, a malicious Wiki.j...
Cross site scripting
In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rendered HTML elements which contain curly-braces. By creating a crafted wiki page, a malicious Wiki.j...
Microsoft Outlook 365 - Arbitrary File Upload Vulnerability
Document Title: =============== Microsoft Outlook 365 - Arbitrary File Upload Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1513 Release Date: ============= 2018-08-08 Vulnerability Laboratory ID VL-ID: ===================================...
Microsoft Outlook 365 - Arbitrary File Upload Vulnerability
Document Title: =============== Microsoft Outlook 365 - Arbitrary File Upload Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1513 Release Date: ============= 2018-08-07 Vulnerability Laboratory ID VL-ID: ===================================...
ISPconfig v3.0.5.4p6 - Input Validation Vulnerabilities
Document Title: =============== ISPconfig v3.0.5.4p6 - Input Validation Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1909 Release Date: ============= 2016-08-16 Vulnerability Laboratory ID VL-ID: ==================================== 19...
Heroku Bug Bounty #2 - (API) Re Auth Bypass Vulnerability
Document Title: =============== Heroku Bug Bounty 2 - API Re Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1323 Video: http://www.vulnerability-lab.com/getcontent.php?id=1336 Vulnerability Magazine:...