CVE-2024-25713
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc...
PT-2024-21108 · Yyjson · Yyjson
Name of the Vulnerable Software and Affected Versions: yyjson versions 0.8.0 and earlier. Description: The issue is related to a double free vulnerability in the pool series allocator, specifically due to the lack of loop checks in the pool free function. This can lead to remote code execution in...
CLSA-2024-1707478721 kernel: Fix of 11 CVEs
netfilter: nf_tables: reject QUEUE/DROP verdict parameters CVE-2024-1086 - RDMA/core: Refactor rdma_bind_addr CVE-2023-2176 - RDMA/cma: Do not change route.addr.src_addr outside state checks - RDMA/cma: Ensure rdma_addr_cancel happens before issuing more requests - drm/amdgpu: Fix potential fence...
unbound: integer overflow in the regional allocator via the ALIGN_UP macro
A flaw was found in unbound. An integer overflow in the regional allocator via the ALIGN_UP macro may lead to a buffer overflow if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...
Exploit for Classic Buffer Overflow in Jerryscript
CVE-2023-36109 a poc for cve-2023-36109 request repo g...
UBUNTU-CVE-2022-48570
Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally remov...
Crypto++ buffer error vulnerability
Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ 8.4 and earlier versions, which stems from the fact that if allocated memory is not 16-byte aligned, the function FixedSizeAllocatorWithCleanup may write to memory outside of the allocation...
GHSA-G98V-HV3F-HCFR atty potential unaligned read
On Windows, atty dereferences a potentially unaligned pointer. In practice however, the pointer won't be unaligned unless a custom global allocator is used. In particular, the System allocator on Windows uses HeapAlloc, which guarantees a large enough alignment. atty is Unmaintained A Pull Reques...
Design/Logic Flaw
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...
CVE-2023-33975 RIOT-OS vulnerable to Out of Bounds Write in _rbuf_add
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...
CVE-2023-24817
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer...
kernel: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
A flaw was found in the qedr module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...
Virtuoso Open-Source Edition SQL injection vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9, which ste...
kernel: mm/slub: add missing TID updates on slab deactivation
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation. The fastpath in slab_alloc_node assumes that c->slab is stable as long as the TID stays the same. However, two places in slaballoc currently don't update the TID when deactivatin...
kernel: tipc: fix a null-ptr-deref in tipc_topsrv_accept
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a null-ptr-deref in tipc_topsrv_accept. syzbot found a crash in tipc_topsrv_accept: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f Workqueue: tipc_rcv tipc_topsrv_accept RIP: 0010:kernel_accept+0x22d/0x350...
CVE-2023-30837 Vyper storage allocator overflow
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8...
vyper vulnerable to storage allocator overflow
Impact The storage allocator does not guard against allocation overflows. This can result in vulnerabilities like the following: vyper owner: publicaddress takeupsomespace: publicuint25610 buffer: publicuint256maxvalueuint256 @external def initialize: self.owner = msg.sender @external def fooidx:...
PT-2023-22992 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.8. Description: The storage allocator in Vyper does not guard against allocation overflows, allowing an attacker to overwrite the owner variable. This issue can be exploited by calling a contract with specific...
Malicious code in texture-allocator (npm)
Source: ossf-package-analysis 295589602f0c0baf1ed21fb915589780ccee883cf28e0458728a211b840b4bae. The OpenSSF Package Analysis project identified 'texture-allocator' @ 99.99.80 (npm) as malicious. It is considered malicious because: - The packa...