62 matches found
_locateCurrentAmount function, there is an assembly operation that is dividing by duration without a zero check
Lines of code. Vulnerability details. Impact: In the _locateCurrentAmount function, there is an assembly operation that is dividing by duration without a zero check, which could cause a division by zero error. Proof of Concept: // Check for division by zero require(duration != 0, "Division by zero...
CVE-2022-24441
The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...
Code injection
The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...
Maldev-For-Dummies - A Workshop About Malware Development
In the age of EDR, red team operators cannot get away with using pre-compiled payloads anymore. As such, malware development is becoming a vital skill for any operator. Getting started with maldev may seem daunting, but is actually very easy. This workshop will show you all you need to get started...
CVE-2022-21555
Vulnerability in the MySQL Shell for VS Code product of Oracle MySQL (component: Shell: GUI). Supported versions that are affected are 1.1.8 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Shell for VS Code executes to...
CVE-2022-21555
CVE-2022-21555 affects MySQL Shell for VS Code (Shell: GUI) with affected versions 1.1.8 and earlier. The connected IBM Security Guardium bulletin lists the CVE-2022-21555 entry among several Oracle MySQL vulnerabilities and describes the impact as low confidentiality, low integrity, and no avail...
PT-2022-3832 · Oracle · Mysql Shell For Vs Code
Name of the Vulnerable Software and Affected Versions: MySQL Shell for VS Code versions 1.1.8 and prior Description: The issue is related to insecure privilege management in the MySQL Shell for VS Code component. It allows an attacker to gain read, modify, or delete access to data. The...
Function name doesn't match the interface
Lines of code. Vulnerability details. Impact: StakedCitadelVester contract doesn't support the IVesting interface, so the withdrawal of Citadel from the StakedCitadel contract will be impossible because the IVesting(vesting).setupVesting(msg.sender, amount, block.timestamp); call will revert because the...
IDACode - An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts
IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues...
CVE-2021-32039 MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text
Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code includi...
CVE-2021-32039
Summary of CVE-2021-32039: The MongoDB Extension for VS Code stores credentials locally in a binary file in clear text when a user has appropriate file access, affecting all versions up to 0.7.0. This can enable attackers with local access to perform unauthorized actions using these credentials....
MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text
Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code includi...
CVE-2021-21415
Prisma VS Code is a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...
Remote code execution
Prisma VS Code is a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...
CVE-2021-21415
CVE-2021-21415 concerns the Prisma VS Code extension for Prisma schema files. The vulnerability allows remote code execution when a user has a custom binary path for the Prisma format binary (for example via .vscode/settings.json with prismaFmtBinPath). This binary is executed during auto-formatt...
CVE-2021-21415 Visual Studio Code Prisma Extension Remote Code Execution Vulnerability
Prisma VS Code is a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...
CVE-2021-22195
Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows an attacker to execute code on the user's system...
CVE-2021-27082
CVE-2021-27082 affects the Microsoft Quantum Development Kit for Visual Studio Code (and related components). The connected Nessus record describes a remote code execution vulnerability where a victim who opens specially crafted content could have arbitrary code executed on the system, with the a...