1399 matches found
SUSE CVE-2022-38266
An issue in the Leptonica linked library v1.79.0 allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file...
GSD-2023-1001800 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...
Huawei EulerOS: Security Advisory for gmp (EulerOS-SA-2023-1255)
The remote host is missing an update for the Huawei EulerOS...
Upgraded Q -> M from #658 [1674423108320]
Judge has assessed an item in Issue 658 as M risk. The relevant finding follows: L-05 MARGIN ASSET TOKENS WITH MORE THAN 18 DECIMALS ARE NOT SUPPORTED As shown below, arithmetic operations of the StableVault.deposit, StableVault.withdraw, Trading.handleDeposit, and Trading.handleWithdraw function...
The vulnerability of the EVP_CIPHER_meth_new() function in the OpenSSL library, which allows a hacker to disclose sensitive information
The vulnerability of the EVP_CIPHER_meth_new() function in the OpenSSL library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information that is protected by this function...
Huawei EulerOS: Security Advisory for mariadb-connector-c (EulerOS-SA-2023-1227)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.9.1 : deltarpm (EulerOS-SA-2023-1187)
According to the versions of the deltarpm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes ...
The vulnerability of the calloc() function in the libarchive library allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the calloc function in the libarchive library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...
EulerOS Virtualization 2.10.0 : sudo (EulerOS-SA-2022-2921)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wire_type in...
EulerOS Virtualization 2.10.1 : mariadb-connector-c (EulerOS-SA-2022-2937)
According to the versions of the mariadb-connector-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
Fedora 36 : sysstat (2022-dbe48a4bc7)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-dbe48a4bc7 advisory. Security fix for CVE-2022-39377 - arithmetic overflow in allocate_structures on 32 bit systems. Tenable has extracted the preceding description block directly...
The vulnerability of the malidp_crtc_reset() function in the Linux kernel's drivers/gpu/drm/arm/malidp_crtc.c file allows a hacker to trigger a service failure or increase their privileges.
The vulnerability of the malidp_crtc_reset() function in the Linux kernel's drivers/gpu/drm/arm/malidp_crtc.c file is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...
Underlying With Non-Standard Decimals Not Supported
Lines of code Vulnerability details Impact Arithmetic operations are performed with the assumption that the token always has 18 decimals. Proof of Concept It would not be possible without using 18 decimal places of the base capital. Tools Used vscode Recommended Mitigation Steps Consider whether...
EulerOS 2.0 SP10 : deltarpm (EulerOS-SA-2022-2816)
According to the versions of the deltarpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynami...
EulerOS 2.0 SP10 : deltarpm (EulerOS-SA-2022-2841)
According to the versions of the deltarpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynami...
Updated leptonica packages fix security vulnerability
This update fixes a denial of service vulnerability in leptonlib. It can be made to crash with an arithmetic exception on specially crafted JPEG files. CVE-2022-38266...
MGASA-2022-0472 Updated leptonica packages fix security vulnerability
This update fixes a denial of service vulnerability in leptonlib. It can be made to crash with an arithmetic exception on specially crafted JPEG files. CVE-2022-38266...
Unable to release funds deposited through Lock-extendLock
Lines of code Vulnerability details Impact Users depositing tig assets to the bondNFT through the Lock contract could find themselves unable to release their funds. The only explanation the user would receive is an "Arithmetic over/underflow" error. This issue greatly deteriorates the user...
integer overflow or underflow
Lines of code Vulnerability details Impact If an integer overflow or underflow occurs in the contract, it could lead to incorrect calculations and potentially unintended consequences, such as the transfer of incorrect amounts of tokens or the allocation of incorrect amounts of rewards. This could...
Amazon Linux 2 : device-mapper-multipath (ALAS-2022-1883)
The version of device-mapper-multipath installed on the remote host is prior to 0.4.9-136. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1883 advisory. multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or ...