embly-wrapper (=0.0.2), wasi-common-lucet (>=0.4.0 <=0.4.2) potentially affected by CVE-2021-43790 via lucet-runtime (>=0.4.3 <=0.6.1)

lucet-runtime CARGO version =0.4.3, =0.4.0, =0.4.2 Source cves: CVE-2021-43790 Source advisory: OSV:GHSA-HF79-8HJP-RRVQ...

embly-wrapper (=0.0.2), wasi-common-lucet (>=0.4.0 <=0.4.2) potentially affected by CVE-2021-43790 via lucet-runtime (>=0.4.3 <=0.6.1)

lucet-runtime CARGO version =0.4.3, =0.4.0, =0.4.2 Source cves: CVE-2021-43790 Source advisory: OSV:RUSTSEC-2021-0155...

SHOULD CHECK RETURN DATA FROM CHAINLINK AGGREGATORS

Handle defsec Vulnerability details Impact The consult function in the contract TwapOracle.sol fetches the asset price from a Chainlink aggregator using the latestRoundData function. However, there are no checks on timeStamp, resulting in stale prices. The oracle wrapper calls out to a chainlink...

Mozilla Firefox Security Advisory (MFSA2012-83) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2013-14) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2014-91) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

tpm2-tools: fixed AES wrapping key in tpm2_import

A flaw was found in tpm2-tools. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality...

Vulnerability in packageCmd function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

Vulnerability in singleCrunch function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

Vulnerability in crunch function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

aaptjs remote code execution vulnerability (CNVD-2021-84828)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the dump function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84826)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the list function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the add function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84831)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the crunch function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84829)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the remove function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

Shenzhim Aaptjs 操作系统命令注入漏洞

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the packageCmd function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

Unhandled return values of transfer

Handle WatchPug Vulnerability details ERC20 implementations are not always consistent. Some implementations of transfer could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require statements to these failures. Unsafe transfer calls were found in the following...

Fedora: Security Advisory for gfbgraph (FEDORA-2021-9c737bb848)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for gfbgraph (FEDORA-2021-7cccd2784c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: gfbgraph-0.2.4-1.fc34

GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME Online Accounts...