CVE-2022-3273

CVE-2022-3273 affects the GitHub repository ikus060/rdiffweb, specifically versions prior to 2.5.0a4. The root cause is an allocation of resources without limits or throttling. The vulnerability can lead to resource exhaustion, affecting availability and potentially exposing or degrading service ...

Information Disclosure

VirGL virtual OpenGL renderer is vulnerable to sensitive information disclosure. The vulnerability is due to incorrect initialization of memory when allocating a host-backed memory resource...

The amountRemaining in withdrawAdmin() Function is Underflow

Lines of code Vulnerability details Impact allocatedTokens can get messed up when the amountRemaining in the withdrawAdmin function is underflowed in rare cases. This will make numTokensReservedForVesting will have a larger amount of funds compared to the funds in the token. This will make it...

GSD-2022-1006226 ext4: make sure ext4_append() always allocates new block

ext4: make sure ext4append always allocates new block This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

Node.js: Weak randomness in WebCrypto keygen

https://github.com/nodejs/node/pull/35093 introduced a call to EntropySource in SecretKeyGenTraits::DoKeyGen in src/crypto/cryptokeygen.cc. There are two problems with this: 1. It does not check the return value, it assumes EntropySource always succeeds, but it can and sometimes will fail. 2. The...

CVE-2022-3078

An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtvs302m.c...

CVE-2022-3078

A flaw was found in the Linux kernel. There is a lack of check after calling vzalloc and a lack of free after allocation in drivers/media/test-drivers/vidtv/vidtvs302m.c...

Logic error

Lines of code Vulnerability details Impact This could result in ignoring a task from allocating. Also this could cause in incorrect memory of array. Proof of Concept // Local instance of lastAllocatedChangeOrderTask. To save gas. uint256 i = lastAllocatedChangeOrderTask; // Local instance of...

CVE-2022-34480

Within the lginit function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox 102...

Buffer Overflow

libjpeg.so is vulnerable to buffer overflow. The vulnerability exists due to a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

Limit not enforced on teamSummon function

Lines of code Vulnerability details Impact The docs say there is a cap on how many tokens the project team can mint, however there are no checks or tracking implemented in the teamSummon function to enforce that limit. An admin calling that function could accidentally or maliciously exceed the...

GSD-2022-1002450 mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node

mm/pagesalloc.c: don't create ZONEMOVABLE beyond the end of a node This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...

GSD-2022-1001978 qede: confirm skb is allocated before using

qede: confirm skb is allocated before using This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...

unchecked size in _load_bmp leads to RAM exhaustion in version 3.10

Description Via a maliciously crafted bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer. Version This does affect the newest Version of Cimg which...

CVE-2022-21733

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

PYSEC-2022-57

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

CVE-2022-21733 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

[WP-H36] Admin of the index pool can withdrawCredit() after applyCover() to avoid taking loss for the compensation paid for a certain pool

Handle WatchPug Vulnerability details In the current implementation, when an incident is reported for a certain pool, the index pool can still withdrawCredit from the pool, which in the best interest of an index pool, the admin of the index pool is preferred to do so. This allows the index pool t...