EUVD-2021-17394
Malware in sbrugna...
EUVD-2021-28761
Malicious code in bioql PyPI...
CVE-2021-41752
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt function...
PT-2025-30873
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the ATM CLIP module, specifically within the clip push function. A recursive call can occur under certain conditions, potentially leading to ...
ALPINE-CVE-2024-45817
In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, which generates an error...
GHSA-67FV-9R7G-432H Rhai stack overflow vulnerability
A stack overflow vulnerability was found in version 1.18.0 of rhai. The flaw position is /SRC/rhai/SRC/eval/STMT.Rs, in rhai::eval::STMT::<impl rhai::engine::Engine>::evalstmt::h3f1d68ce37fc6e96. The stack overflow is due to a recursive call in the /SRC/rhai/SRC/eval/STMT.Rs file...
CVE-2024-36760
A stack overflow vulnerability was found in version 1.18.0 of rhai. The flaw position is /SRC/rhai/SRC/eval/STMT.Rs, in rhai::eval::STMT::<impl rhai::engine::Engine>::evalstmt::h3f1d68ce37fc6e96. The stack overflow is due to a recursive call in the /SRC/rhai/SRC/eval/STMT.Rs file...
CVE-2024-36760
Rhai 1.18.0 contains a stack overflow vulnerability caused by a recursive call in the eval_stmt_block function (source path: /SRC/rhai/SRC/eval/STMT.Rs). CVE-2024-36760 and related advisories describe an impact on availability with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. A practical worka...
RHEL 8 : hivex (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - hivex: stack overflow due to recursive call of getchildren (CVE-2021-3622). Note that Nessus has not tested for this...
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2024-1559)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the...
AZL-48623 CVE-2024-1151 affecting package kernel 5.15.200.1-1
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2024-469)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-469 advisory. Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the...
CVE-2023-48706
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes freeing of memory which may later...
SUSE CVE-2021-39257
A crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...
Reentrancy vulnerabilities
Lines of code. Vulnerability details. Impact: A reentrancy attack can occur when the contract fails to update its state before the interaction; the attacker can make a recursive call back to the original function in an attempt to drain funds or tokens. Proof of Concept: Contract Fed.sol. Function...
CVE-2022-36104
TYPO3 is an open source PHP-based web content management system released under the GNU GPL. In affected versions, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads t...
Design/Logic Flaw
TYPO3 is an open source PHP-based web content management system released under the GNU GPL. In affected versions, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads t...
CVE-2021-41752
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt function...
Stack overflow
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt function...
openSUSE 15 Security Update : hivex (openSUSE-SU-2021:1319-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1319-1 advisory. - hivex: stack overflow due to recursive call of getchildren (CVE-2021-3622). Note that Nessus has not tested for this issue but has instead relied onl...