
1399 matches found

Code423n4
added 2023/07/05 12:0 a.m., 9 views

DENIAL OF SERVICE (DoS) WHEN DECREASING THE weight DUE TO UNDERFLOW IN THE UlyssesPool.setWeight FUNCTION

Lines of code Vulnerability details Impact The UlyssesPool.setWeight function is used to update the weight of a particular poolId in the current UlyssesPool. But when the weight of the respective poolId is decreased from the current value, the calculation underflows and thus DoS the reducing of...

6.8 AI score
Exploits: 0

Code423n4
added 2023/07/05 12:0 a.m., 13 views

Potential Integer Underflow/Overflow: The code uses the SafeCastLib library for type conversions, but it does not handle potential underflow or overflow situations.

Lines of code Vulnerability details Impact The potential integer underflow/overflow vulnerability in the code can lead to incorrect calculations, unexpected behavior, and potential security issues. Proof of Concept In the provided code, there are a few areas where potential integer...

7.2 AI score
Exploits: 0

BDU FSTEC
added 2023/06/26 12:0 a.m., 2 views

The vulnerability of the STEPTools ifcmesh library, related to errors in pointer arithmetic, allows a hacker to trigger a service failure.

The vulnerability of the STEPTools ifcmesh library is related to errors in pointer arithmetic involving the zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created file...

2.2 CVSS, 6.5 AI score, 0.00166 EPSS
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2023/06/25 12:0 a.m., 4 views

The vulnerability of the SSL-VPN portal for operating systems FortiOS and the proxy server used for protecting against internet attacks by FortiProxy allows attackers to induce a service failure.

The vulnerability of the SSL-VPN portal for FortiOS operating systems and the FortiProxy proxy server used for protecting against internet attacks is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8 CVSS, 6.5 AI score, 0.00839 EPSS
Exploits: 0, References: 3, Affected Software: 2

BDU FSTEC
added 2023/06/25 12:0 a.m., 4 views

The vulnerability of the SSL-VPN portal for operating systems FortiOS and the proxy server used for protecting against internet attacks by FortiProxy allows attackers to induce a service failure.

The vulnerability of the SSL-VPN portal for FortiOS operating systems and the FortiProxy proxy server used for protecting against internet attacks is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

6.8 CVSS, 6.5 AI score, 0.00592 EPSS
Exploits: 0, References: 4, Affected Software: 2

Code423n4
added 2023/06/21 12:0 a.m., 4 views

potential arithmetic overflow in the code under review.

Lines of code Vulnerability details Summary This report highlights a high vulnerability related to potential arithmetic overflow in the code under review. Vulnerability Details The code performs arithmetic operations, such as addition, subtraction, multiplication, and division, on sdk.Int values...

7.2 AI score
Exploits: 0

Ubuntu
added 2023/06/20 7:47 p.m., 83 views

USN-6180-1: VLC media player vulnerabilities

It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and...

7.8 CVSS, 8.2 AI score, 0.02386 EPSS
Exploits: 2

BDU FSTEC
added 2023/06/20 12:0 a.m., 3 views

The vulnerability of the 6LoWPAN kernel driver of the RIOT operating system, related to pointer swapping errors, allows a hacker to cause a service failure.

The vulnerability of the 6LoWPAN kernel in the RIOT operating system’s graphics driver relates to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8 CVSS, 7.2 AI score, 0.00832 EPSS
Exploits: 0, References: 5, Affected Software: 1

BDU FSTEC
added 2023/06/20 12:0 a.m., 2 views

The vulnerability of the 6LoWPAN kernel driver of the RIOT operating system, which allows a hacker to cause a service failure.

The vulnerability of the 6LoWPAN kernel driver in the RIOT operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8 CVSS, 6.8 AI score, 0.00963 EPSS
Exploits: 0, References: 10, Affected Software: 1

BDU FSTEC
added 2023/06/20 12:0 a.m., 2 views

The vulnerability of the 6LoWPAN kernel driver of the RIOT operating system, which allows a hacker to cause a service failure.

The vulnerability of the 6LoWPAN kernel in the RIOT operating system’s graphics driver relates to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8 CVSS, 6.7 AI score, 0.00707 EPSS
Exploits: 0, References: 10, Affected Software: 1

OpenVAS
added 2023/06/08 12:0 a.m., 12 views

Ubuntu: Security Advisory (USN-6145-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 8 AI score, 0.01096 EPSS
Exploits: 1, References: 2

Ubuntu
added 2023/06/07 1:37 p.m., 67 views

USN-6145-1: Sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. CVE-2022-39377 It was discovered...

7.8 CVSS, 7.3 AI score, 0.01096 EPSS
Exploits: 1

OSV
added 2023/06/07 1:37 p.m., 3 views

USN-6145-1 sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. CVE-2022-39377 It was discovered...

7.8 CVSS, 7.2 AI score, 0.01096 EPSS
Exploits: 1, References: 3

BDU FSTEC
added 2023/05/24 12:0 a.m., 3 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the SMB2_LOGOFF command...

7.8 CVSS, 6.7 AI score, 0.0406 EPSS
Exploits: 0, References: 14, Affected Software: 3

BDU FSTEC
added 2023/05/24 12:0 a.m., 3 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions by sending a specially crafted request...

7.8 CVSS, 6.6 AI score, 0.0406 EPSS
Exploits: 0, References: 29, Affected Software: 4

Oracle Linux
added 2023/05/24 12:0 a.m., 40 views

sysstat security and bug fix update

11.7.3-9.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683071 11.7.3-9 - add -f flag to force fdatasync after sa file update 2153192 11.7.3-8 - arithmetic overflow in allocate_structures on 32 bit systems CVE-2022-39377...

7.8 CVSS, 7.2 AI score, 0.01096 EPSS
Exploits: 1

BDU FSTEC
added 2023/05/17 12:0 a.m., 3 views

The vulnerability of the x86_emulate_insn function in the arch/x86/kvm/emulate.c component of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the x86_emulate_insn function in the arch/x86/kvm/emulate.c component of the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5 CVSS, 6.7 AI score, 0.00298 EPSS
Exploits: 0, References: 22, Affected Software: 4

Tenable Nessus
added 2023/05/16 12:0 a.m., 41 views

RHEL 8 : sysstat (RHSA-2023:2800)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2800 advisory. The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security...

7.8 CVSS, 7.2 AI score, 0.01096 EPSS
Exploits: 1, References: 6

Oracle Linux
added 2023/05/15 12:0 a.m., 32 views

sysstat security and bug fix update

12.5.4-5.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683087 12.5.4-5 - Fix --dec argument validation rhbz2080650 12.5.4-4 - arithmetic overflow in allocate_structures on 32 bit systems CVE-2022-39377...

7.8 CVSS, 7.3 AI score, 0.01096 EPSS
Exploits: 1

Tenable Nessus
added 2023/05/13 12:0 a.m., 32 views

RHEL 9 : sysstat (RHSA-2023:2234)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2234 advisory. The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security...

7.8 CVSS, 7.2 AI score, 0.01096 EPSS
Exploits: 1, References: 6