9 matches found
GO-2025-4025 CometBFT's invalid BitArray handling can lead to network halt in github.com/cometbft/cometbft
CometBFT's invalid BitArray handling can lead to network halt in github.com/cometbft/cometbft...
EUVD-2025-34453
CometBFT's invalid BitArray handling can lead to network halt...
Improper Handling of Syntactically Invalid Structure
Overview Affected versions of this package are vulnerable to Improper Handling of Syntactically Invalid Structure via the handling of BitArray objects with mismatched Elems and Bits values. An attacker can cause network disruption or halt by sending specially crafted messages containing invalid...
Improper Handling of Syntactically Invalid Structure
Overview github.com/cometbft/cometbft/consensus is a Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Affected versions of this package are vulnerable to Improper Handling of...
GHSA-HRHF-2VCR-GHCH CometBFT's invalid BitArray handling can lead to network halt
Name: ASA-2025-003: Invalid BitArray handling can lead to network halt Criticality: High (Considerable Impact; Possible Likelihood per ACMv1.2) Affected versions: = v0.38.18, = v0.37.15, and main development branches Affected users: Validators, Full nodes, Users Description A bug was discovered in...
CometBFT's invalid BitArray handling can lead to network halt
Name: ASA-2025-003: Invalid BitArray handling can lead to network halt Criticality: High (Considerable Impact; Possible Likelihood per ACMv1.2) Affected versions: = v0.38.18, = v0.37.15, and main development branches Affected users: Validators, Full nodes, Users Description A bug was discovered in...
SUSE CVE-2016-1660
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site...
CVE-2016-1660
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site...
VideoLAN VLC Media Player 2.1.2 - .asf Crash (PoC)
VideoLAN VLC Media Player 2.1.2 - .asf Crash PoC !/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimum data packet size is equal to zero. this was tested on windows XP sp3 and...