155 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-29548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox 112, Focus for Android 112,...
Linux Distros Unpatched Vulnerability : CVE-2023-29531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only...
China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScrip...
SUSE CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
SUSE CVE-2023-29547
When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...
SUSE CVE-2023-29551
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
SUSE CVE-2023-29544
If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2022-48924
CVE-2022-48924 relates to the Linux kernel, describing a memory-leak in the int340x thermal driver during int3400_notify() on Tiger Lake, leading to unreferenced objects and potential memory pressure. The provided documents consistently show the root cause as a leak in the int3400_notify path and...
GO-2024-2818 Consensus failures in github.com/btcsuite/btcd
Incorrect implementation of the consensus rules outlined in BIP 68 and BIP 112 making btcd susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of funds...
Race Condition
btcd is vulnerable to a Race Condition. The vulnerability is due to the incorrect implementation of consensus rules as outlined in BIP 68 and BIP 112, specifically by treating the transaction version as a signed integer instead of unsigned. This misinterpretation can lead to a chain split and...
GHSA-3JGF-R68H-XFQM btcd susceptible to consensus failures
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
CVE-2024-34478
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
CVE-2024-34478
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
CVE-2024-34478
CVE-2024-34478 affects btcd before 0.24.0, where the software does not correctly implement BIP 68/BIP 112 consensus rules. The core issue is treating the transaction version as a signed integer instead of unsigned, which can cause consensus failures, potentially leading to a chain split and loss ...
CVE-2024-34478
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
Ripple Co-Founder’s Personal XRP Wallet Breached in $112 Million Hack
By Deeba Ahmed Ripple’s co-founder Chris Larsen has acknowledged that his personal XRP wallet was hacked. This is a post from HackRead.com Read the original post: Ripple Co-Founders Personal XRP Wallet Breached in $112 Million Hack...
Upgraded Q -> 2 from #112 [1693238992728]
Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: A profile can follow itself by receiving a pre-upgrade followNFT and then using the batchMigrateFollows function." --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #116 [1691272104948]
Judge has assessed an item in Issue 116 as 2 risk. The relevant finding follows: L-02 Misuse of shl function leads to unnecessary over-estimation of size in calldatacopy within getArgBytes function --- The text was updated successfully, but these errors were encountered: All reactions...
Spoofing
Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects...
CVE-2023-29546
When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. This bug only affects Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox for Android 112...