3656 matches found
SUSE: Security Advisory (SUSE-SU-2023:4287-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-46232
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
Code injection
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
CVE-2023-46232
The CVE concerns era-compiler-vyper (EraVM Vyper compiler for zkSync Era). Before 1.3.10, a bug in initialization of the first immutable variable for Vyper contracts could occur when a String or Array allocates more 256‑bit words than are initialized; the second word’s index could be left unset (...
CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
The vulnerability of the Compiler component of the Oracle GraalVM for JDK allows a hacker to gain access to read, modify, add, or delete data.
The vulnerability of the Compiler component of the Oracle GraalVM for JDK lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data...
era-compiler-vyper security vulnerability
era-compiler-vyper is the EraVM Vyper compiler. A security vulnerability exists in versions of era-compiler-vyper prior to 1.3.10, which stems from the presence of a memory issue...
[SECURITY] Fedora 38 Update: fbthrift-2023.10.16.00-1.fc38
Thrift is a serialization and RPC framework for service communication. Thrift enables these features in all major languages, and there is strong support for C++, Python, Hack, and Java. Most services at Facebook are written using Thri ft for RPC, and some storage systems use Thrift for serializin...
[SECURITY] Fedora 37 Update: fbthrift-2023.10.16.00-1.fc37
Thrift is a serialization and RPC framework for service communication. Thrift enables these features in all major languages, and there is strong support for C++, Python, Hack, and Java. Most services at Facebook are written using Thri ft for RPC, and some storage systems use Thrift for serializin...
SUSE: Security Advisory (SUSE-SU-2023:4162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:4162-1 Security update for gcc13
This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided...
Compiler version used by Brahma contracts may introduce permanent bugs in the future
Lines of code Vulnerability details Impact Lack of upgradeability of protocol to adapt with new pragma version may introduce a risk of being targeted by malicious actors if the pragma version 0.8.19 introduce bugs in the future. Here's the list of previous solidity compiler bugs for your referenc...
Medium: libsepol
Issue Overview: The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from verifymappermclassperms and hashtabmap...
Oracle OpenJDK Vulnerability (CVE-2023-22025)
Oracle OpenJDK is prone to a vulnerability in the hotspot/compiler component. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Amazon Linux 2 : golang (ALAS-2023-2313)
The version of golang installed on the remote host is prior to 1.20.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2313 advisory. 2024-01-03: CVE-2023-39319 was added to this advisory. 2023-10-30: CVE-2023-39318 was added to this advisory. The...
OESA-2023-1735 gcc security update
The gcc package contains the GNU Compiler Collection version 10. You'll need this package in order to compile C code. Security Fixes: A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-siz...
CVE-2023-45133
Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...
CVE-2023-45133
Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...