142 matches found
USN-5704-1 dbus vulnerabilities
It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...
OESA-2022-2000 dbus security update
Security Fixes: An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.CVE-2022-42010 An...
The vulnerability of the D-Bus inter-process communication mechanism, related to a boundary error caused by an invalid fixed-length array of elements, allows a malicious actor to trigger a service failure.
The vulnerability of the D-Bus inter-process communication mechanism is related to a boundary error caused by an invalid fixed-length array element, where the length of the array is not a multiple of the length of an individual element. Exploiting this vulnerability can allow a malicious actor to...
CVE-2022-42011
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...
An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
...
AZL-11092 CVE-2022-42011 affecting package dbus for versions less than 1.15.2-2
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
DEBIAN-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
ALPINE-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
UBUNTU-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
Denial Of Service (DoS)
dbus is vulnerable to denial of service. The vulnerability exists when sending messages with array length inconsistent with element type which allows an attacker to cause an application crash...
Lack of input array length check in UNSAFE_swapExactTokensForTokens() could lock user's funds
Lines of code Vulnerability details Impact In case the amounts and routes array do not match in length by mistake: the swap might fail the swap could stop early during the swap path user funds could be locked forever in some situations Proof of Concept src/Swap/BaseV1-periphery.sol function...
Denial Of Service (DoS)
radare2 is vulnerable to denial of service. The vulnerability exists due to an off-by-one overflow flaw caused by mismatched array length in corejava.c which allows an attacker to crash the application via malicious input...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
Buffer overflow
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
UBUNTU-CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...