CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

Type confusion

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

CVE-2023-23557

CVE-2023-23557 affects Facebook Hermes (JavaScript engine used in React Native). The root cause is a type-confusion bug caused by copying object properties prior to commit, enabling an attacker to execute arbitrary code when Hermes runs untrusted JavaScript. The vulnerability is described across ...

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

Minas – on the way to complexity

Sometimes when investigating an infection and focusing on a targeted attack, we come across something we were not expecting. The case described below is one such occurrence. In June 2022, we found a suspicious shellcode running in the memory of a system process. We decided to dig deeper and...

Information disclosure

CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure...

CVE-2023-28076

Dell CloudLink (encryption and key management) prior to version 7.1.2 uses a broken or risky cryptographic algorithm. An unauthenticated remote attacker could exploit this to disclose information. A fix is available: update to 7.1.2 or later (per PT-2023-21537 and CNVD/Dell advisories). As a temp...

CVE-2023-28076

CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure...

PT-2023-21537 · Cloudlink · Cloudlink

Name of the Vulnerable Software and Affected Versions: CloudLink versions prior to 7.1.2 Description: The issue is related to a broken or risky cryptographic algorithm, which could be exploited by an unauthenticated remote attacker, potentially leading to information disclosure. Recommendations:...

CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2023:2763)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2763 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to pars...

SUSE CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

Risk of Gas Limit Exceedance During Proposal Sorting

Lines of code Vulnerability details Impact The array of up to 10 proposals using the insertion sort algorithm in insertionSortProposalsByVotes function in the StandardFunding.sol contract but, if the number of proposals exceeds 10, the sorting process may cause the function to exceed the block ga...

Upgraded Q -> 2 from #279 [1683710498041]

Judge has assessed an item in Issue 279 as 2 risk. The relevant finding follows: L-06 EllipticCurve.validateSignature has wrong and needless code blocks if P2 == 0 return false; uint256 Px = inverseModP2, p; Px = mulmodP0, mulmodPx, Px, p, p; Px = p0 inverseP2^2 is not correct here. Fortunately, ...

Upgraded Q -> 2 from #298 [1683710120837]

Judge has assessed an item in Issue 298 as 2 risk. The relevant finding follows: L-03 Redundant and dangerous len parameter in readKeyValue Links Impact If the len is not set to input.length minus the offset, there may be unpredictable results due how the algorithm works. Proof of Concept Let's...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to elevate their privileges and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to elevate their privileges and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands...

SUSE CVE-2023-1667

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

UBUNTU-CVE-2023-1667

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...