1399 matches found
PT-2022-17439 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption caused by incorrect pointer arithmetic. This occurs when attempting to change the endianness in the video parser function. The estimate...
The vulnerability of the X.25 protocol implementation in the Linux operating system allows a hacker to trigger an emergency shutdown of the system.
The vulnerability of the X.25 protocol implementation in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause the system to terminate abnormally...
The vulnerability of the kvm_dirty_ring_push function (virt/kvm/dirty_ring.c) in the KVM virtualization subsystem of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kvmdirtyringpush function virt/kvm/dirtyring.c in the KVM virtualization subsystem of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the generate_loadvar() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the generateloadvar function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the realloc_symlink function in the rock.c file of the libcdio library allows a attacker to cause a service failure.
The vulnerability of the reallocsymlink function in the rock.c file of the libcdio library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
A Wide Reduction Trick
In line with the original spirit of Cryptography Dispatches, this is a quick1 issue to talk about a neat bit of cryptography engineering I encountered. The structure of an ECC implementation Elliptic curve cryptography implementations all roughly share the following structure: theres a base field...
Wrong arithmetic operation upon filling a bid order, lead to lost amount of ether on user funds
Lines of code Vulnerability details Functions GolomTrader.solfillBid... and GolomTrader.solfillCriteriaBid... used to fill a signed order Golom order.orderType = 1 or = 2 by the buyer after he approved GolomTrader contract some wETH. However, in case that the signed order is of type ERC1155 where...
The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS-based routers of the QFX5000 Series and MX Series models is related to pointer arithmetic errors. This vulnerability allows attackers to trigger a service failure.
The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS-based routers of the QFX5000 Series and MX Series models is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to trigger service failures remotely...
OESA-2022-1789 protobuf-c security update
This is protobuf-c, a C implementation of the Google Protocol Buffers data serialization format. Security Fixes: Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a...
CVE-2022-34739
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings...
CVE-2022-34739
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings...
CVE-2022-34739
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings...
Buffer overflow
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings...
CVE-2022-34739
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings...
CVE-2022-34739
CVE-2022-34739 affects Huawei/HarmonyOS Fingerprint Module. The vulnerability is an overflow in arithmetic addition in the fingerprint component, which could allow an attacker to obtain data from unknown addresses in address mappings. The NVD description notes exploitation may lead to data leakag...
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
...
The vulnerability of the `skipwhite` function in the Vim text editor allows a hacker to execute arbitrary code.
The vulnerability of the skipwhite function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability in the implementations of preparse_server_key(), free_preparse_server_key(), and destroy_server_key() functions of Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the preparseserverkey, freepreparseserverkey, and destroyserverkey functions in Linux kernel implementations is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause service failures...
protobuf-c denial-of-service vulnerability
protobuf-c is a protocol buffer implementation based on C. A denial of service vulnerability exists in Protobuf-c v1.4.0, which stems from a function parsetagandwiretype in protobuf-c/protobuf-c.c that contains an invalid arithmetic shift. An attacker could exploit this vulnerability to cause a...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. It contains an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to it...