3656 matches found
GHSA-G2XH-C426-V8MF Vyper: reversed order of side effects for some operations
Impact: For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right: `unsafe_add`, `unsafe_sub`, `unsafe_mul`, `unsafe_div`, `pow_mod256`, the `|`, `&`, `^` bitwise operators, `bitwise_or` (deprecated), `bitwise_and` (deprecated), bitwisex...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
nftables oob read/write exploit CVE-2023-35001 Exploit used...
PT-2023-27210 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper (affected versions not specified). Description: The Vyper compiler evaluates arguments from right to left instead of left to right for certain expressions, including `unsafe_add`, `unsafe_sub`, `unsafe_mul`, `unsafe_div`, `pow_mod256`, |, &, ^ bitwi...
[SECURITY] Fedora 37 Update: mingw-qt5-qtbase-5.15.10-4.fc37
This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...
Integer overflow
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of `src/gnuv2/cplus-dem.c`. The overflow check is valid logic but is missing the modulus if the block once compiled. The compiler sees this block...
[SECURITY] Fedora 37 Update: rust-1.71.1-1.fc37
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
Fedora: Security Advisory for rust (FEDORA-2023-4824704a61)
The remote host is missing an update for the...
Intel ISPC Security Vulnerability
Intel ISPC is a program compiler from Intel Corporation (USA). A security vulnerability exists in Intel(R) ISPC prior to version 1.19.0 that stems from improper access control. An attacker can exploit the vulnerability to elevate privileges...
AZL-27875 CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
AZL-37422 CVE-2023-39533 affecting package golang for versions less than 1.21.6-1
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
AZL-37359 CVE-2023-39533 affecting package golang for versions less than 1.21.6-1
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
AZL-27872 CVE-2023-39533 affecting package golang for versions less than 1.19.12-1
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
CVE-2023-39533
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
AZL-52773 CVE-2023-39533 affecting package golang for versions less than 1.19.12-1
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
CVE-2023-39533 libp2p nodes vulnerable to attack using large RSA keys
go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1, a malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature verification of the large key. This vulnerability is present in th...
The vulnerability of the GraalVM Compiler virtual machine components in Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK allows a perpetrator to gain access to confidential information.
The vulnerability of the GraalVM Compiler for Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK relates to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...
Fedora: Security Advisory for mingw-qt5-qtbase (FEDORA-2023-5ead27b6d2)
The remote host is missing an update for the...
[SECURITY] Fedora 37 Update: mingw-qt6-qtbase-6.5.1-2.fc37
This package contains the Qt software toolkit for developing cross-platform applications. This is the 32-bit Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...