Integer Overflow or Wraparound

Overview @openzeppelin/confidential-contracts is a Smart Contract library for use with confidential coprocessors Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the wrap and onTransferReceived functions used by the ERC7984 contract. An attacker can cause user...

NULL Pointer Dereference

Overview PyMuPDF is an A high performance Python library for data extraction, analysis, conversion & manipulation of PDF and other documents. Affected versions of this package are vulnerable to NULL Pointer Dereference via the breakwordforoverflowwrap function when rendering a malformed EPUB...

drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.

...

django: Potential denial-of-service vulnerability in django.utils.text.wrap()

A potential denial of service vulnerability exists in django.utils.text.wrap and the wordwrap template filter. When processing extremely long strings, these functions may cause excessive resource consumption, potentially leading to service disruption...

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-26699: Fixed potential denial-of-service in django.utils.text.wrap bsc1239052. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

PYSEC-2025-13

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...

DEBIAN-CVE-2025-26699

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...

Django 安全漏洞

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.1.7, 5.0.13, and 4.2.20, which...

The user will receive more/less funds when calling unwrap() if the price of USDY falls/rises than expected

Lines of code Vulnerability details Impact There is a wrap function called by users to wrap their USDY tokens . In the future, to withdraw tokens, the user calls the unwrap function . However, in the unwrap function, the user can have more funds in case the price of USDY falls. Based on the case...

Possible Reentrancy Vulnerability

Lines of code Vulnerability details Impact In Add function, in case of non Eth Base Token, LP Tokens are minted for LP Provider before transferring the Base Token from Provider to Contract. In remove function, Fractional Tokens are Transferred to LP Provider before Burning the LP Token. In wrap...

Unlimited minting of fractional tokens by calling Pair.wrap() multiple times

Lines of code Vulnerability details Impact User can mint an unlimited amount of fractional tokens and break the protocol by selling the tokens. Proof of Concept NFTs can be traded for 1e18 fractional tokens by calling the function wrap. Wrap calls validateTokenIdstokenIds, proofs which in turn ru...

DoS in wrap and unwrap

Lines of code Vulnerability details Impact the code is doing wrong check, so when things will work it will revert. Proof of Concept In the function wrap there is this lines: if error = ICERC20token.mintamount != NOERROR revert FuseErrorerror; but mint returns the amount that minted, so when error...

MINTING to collateralVault could inflating totalsupply, without giving the balance to anyone

Handle Tomio Vulnerability details Impact First of all, this is an address zero issue, however, this could lead to an imbalance between total supply circulating and the actual balance that was assigned to another user, in the...

_from and _to can be the same address on wrap() function

Handle jayjonah8 Vulnerability details Impact In WJLP.sol, the wrap function pulls in amount base tokens from from, then stakes them to mint WAssets which it sends to to. It then updates rewardOwner's reward tracking such that it now has the right to future yields from the newly minted WAssets. B...

USN-2345-1: Oxide vulnerabilities

Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process...

OSSIM 2.1.5 Command Execution

cybsec com / function wrap$url $ua = array'Mozilla','Opera','Microsoft Internet Explorer','Chrome','Safari','Konqueror'; $op = array'Windows 7','Windows XP','Ubuntu','Windows Vista','ReactOS','OSX','Minix'; $agent = $uarand0,3.'/'.rand1,8.'.'.rand0,9.' '.$oprand0,5.' '.rand1,7.'.'.rand0,9.';...