Lucene search
+L

114 matches found

CNNVD
CNNVD
•added 2024/06/28 12:0 a.m.•4 views

MIT Kerberos Security Vulnerability

MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters.Kerberos also serves as a network authentication protocol designed with the goal of providing strong authentication services to client/server applications through a key system. A security...

7.5CVSS6.9AI score0.00748EPSS
Exploits0References4
CNNVD
CNNVD
•added 2024/04/04 12:0 a.m.•5 views

Collabora Online č·Øē«™č„šęœ¬ę¼ę“ž

Collabora Online is a software application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A cross-site scripting vulnerability exists in Collabora Online version 23.05.10.1 and earlier, which stems from a...

6.1CVSS6AI score0.00338EPSS
Exploits0References2
Prion
Prion
•added 2023/11/16 11:15 p.m.•27 views

Design/Logic Flaw

Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues o...

4.3CVSS6.6AI score0.00668EPSS
Exploits0References7Affected Software2
Code423n4
Code423n4
•added 2023/09/07 12:0 a.m.•11 views

Minted Shares would be Inflate Shares by 10000 due to Math Error in the wrap function

Lines of code Vulnerability details Impact BPSDENOMINATOR in the rUSDY.sol contract is an important variable used to scale up usdy amount - shares as noted in it comment description but it is only used to scale up when minting shares but not scaled down before subtracting it from total shares and...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2023/08/01 12:0 a.m.•12 views

Potential Loss of Rewards During Token Transfers in StaticATokenLM.sol

Lines of code Vulnerability details Impact This issue could lead to a permanent loss of rewards for the transferer of the token. During the token transfer process, the beforeTokenTransfer function updates rewards for both the sender and the receiver. However, due to the specific call order and th...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/31 12:0 a.m.•8 views

the unfollow contract does random unfollow process of random follow token.

Lines of code Vulnerability details Impact in the FollowNft.sol we have to unfollow function this function is supposed to do unfollow process but as you see the followTokenId variable just returns one random follow id with profile id through mapping and there is no option to select which follow n...

7AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/31 12:0 a.m.•12 views

Users cannot unfollow if they do not own the FollowNFT of the followTokenId used for their profile

Lines of code Vulnerability details Bug Description If the followTokenId of a profile is wrapped, users will only be able to unfollow if they are either: 1. The owner of the follow NFT. 2. An approved operator of the follow NFT's owner. This can be seen in the unfollow function of FollowNFT.sol:...

6.9AI score
Exploits0
SUSE CVE
SUSE CVE
•added 2023/02/15 6:19 a.m.•4 views

SUSE CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers PAWS with the timestamps option enabled allow remote attackers to cause a denial of service connection loss via a spoofed packet with a large timer value, which causes the host to discard later packets because they appe...

5CVSS6.8AI score0.83284EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2023/02/15 6:2 a.m.•3 views

SUSE CVE-2009-3374

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

7.5CVSS9.1AI score0.01981EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2023/02/15 6:0 a.m.•5 views

SUSE CVE-2010-0171

Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting XSS attacks, by using the addEventListener and setTimeo...

4.3CVSS8.2AI score0.01775EPSS
Exploits1References4
Code423n4
Code423n4
•added 2022/11/10 12:0 a.m.•12 views

Potential DoS when closing a credit nominated in ETH in the LineOfCredit contract

Lines of code Vulnerability details When closing a credit that was issued in ETH, the LineOfCredit contract will send the lender his deposit and any accrued interests using the address.transferamount function, which may fail and revert the whole function, leading to an eventual DoS. Impact The...

7AI score
Exploits0
Code423n4
Code423n4
•added 2022/06/26 12:0 a.m.•12 views

Unable to redeem from Notional

Lines of code Redeemer.solL193 Vulnerability details Impact The maxRedeem function is a view function which only returns the balance of the Redeemer.sol contract. After this value is obtained, the PT is not redeemed from Notional. The user will be unable to redeem PT from Notional through...

6.9AI score
Exploits0
OSV
OSV
•added 2022/06/20 8:12 p.m.•8 views

MAL-2022-7238 Malicious code in wrapped-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0cd7457ecef3800cd42d34d311e5e40171ce048eb5fa248810b9951dc9a2eafd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Code423n4
Code423n4
•added 2022/06/12 12:0 a.m.•10 views

Withdraw function does not conform to EIP4626

Lines of code Vulnerability details Impact The withdraw of wfCashERC4626 is not 4626 compatible. wfCashERC4626.solL186-L191 According to EIP4626 Burns shares from owner and sends exactly assets of underlying tokens to receiver. The withdraw function of ERC4626 should send the exact same amount of...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/05/15 12:0 a.m.•11 views

Overexert on-chain slippage/loss control may cause users' funds to be frozen in the contract

Lines of code Vulnerability details requirewithdrawAmount = amount.percentMul9900, Errors.VTWITHDRAWAMOUNTMISMATCH; The GeneralVault.sol contract comes with a on-chain slippage/loss control to ensure the output amount is no more than 1% less of the requested amount. This can be a problem when the...

6.8AI score
Exploits0
NVD
NVD
•added 2021/12/17 5:15 p.m.•19 views

CVE-2021-32497

SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...

9.3CVSS0.00732EPSS
Exploits0References1
Code423n4
Code423n4
•added 2021/11/01 12:0 a.m.•9 views

Slingshot: Incorrect initial balance fetched for native token in executeTrades()

Handle hickuphh3 Vulnerability details Impact The executioner contract only supports ERC20ERC20 token trades. Native token swaps are supported by either wrapping / unwrapping the ERC20 wrapped native token before / after the trades respectively. When exchanging from the native token, the wrapping...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2021/10/30 12:0 a.m.•13 views

WrappedIbbtcEth.sol Sanity check of pricePerShare should be enforced

Handle WatchPug Vulnerability details /// @dev Update live ibBTC price per share from core /// @dev We cache this to reduce gas costs of mint / burn / transfer operations. /// @dev Update function is permissionless, and must be updated at least once every X time as a sanity check to ensure value ...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
•added 2021/09/24 11:12 a.m.•46 views

CVE-2021-21238

A verification flaw was found in python-pysaml2, where it did not validate signed SAML documents against an XML schema. Because the flaw allowed invalid XML documents to be processed, a network attacker could exploit this flaw by tricking pysaml2 with a wrapped signature. Mitigation Mitigation fo...

6.5CVSS0.6AI score0.01078EPSS
Exploits0References3
OSV
OSV
•added 2021/01/21 3:15 p.m.•5 views

DEBIAN-CVE-2021-21238

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...

6.5CVSS6.9AI score0.01078EPSS
Exploits0References1
Rows per page
Query Builder