15 matches found
GHSA-GQ83-8Q7Q-9HFX OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption
Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...
MAL-2025-107071 Malicious code in phydfgllo-notthedevs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a878d20f535389fea60d55942e9abdaf84ffe7b2f519b44f362436f92b2c7350 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PYSEC-2024-311
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
CVE-2024-47813
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
Notation 资源管理错误漏洞
Notation is a collection of libraries open-sourced by the Notary Project to support symbolic notation, verification, push and pull oci artifacts. A resource management error vulnerability exists in versions prior to Notation v1.0.0-rc.6. The vulnerability stems from the fact that if a user runs t...
Notation 数据伪造问题漏洞
Notation is a collection of libraries open-sourced by the Notary Project to support symbolic notation, validation, push and pull oci artifacts. A data forgery issue vulnerability exists in versions prior to Notation v1.0.0-rc.6, which can be exploited by an attacker to corrupt the registry and...
Microsoft Windows RAS Manager Registry Corruption (CVE-2006-2371)
A buffer overflow vulnerability has been reported in Microsoft Routing and Remote Access Service. The flaw is caused by improper boundary checking of user-supplied data to the Routing and Remote Access service. A remote attacker may leverage this vulnerability by sending a crafted request to the...
Windows RASMAN registry corruption vulnerability
Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...
Windows RASMAN registry corruption vulnerability
Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...
Windows RASMAN registry corruption vulnerability
Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...
CVE-2006-2371
Buffer overflow in the Remote Access Connection Manager service RASMAN service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to...
Buffer overflow
Buffer overflow in the Remote Access Connection Manager service RASMAN service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to...
CVE-2006-2371
Buffer overflow in the Remote Access Connection Manager service RASMAN service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to...
Microsoft Remote Access Connection Manager service vulnerable to buffer overflow
Overview A vulnerability in the Microsoft Remote Access Connection Manager may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft describes the Routing and Remote Access Service RRAS as follows:RRAS makes it possible for a computer to function as a...