EUVD-2026-28376

Decimal: Unbounded exponent in Decimal.new enables unauthenticated DoS...

CVE-2024-58293

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

CVE-2025-40169 bpf: Reject negative offsets for ALU ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

Measuring Computational Universality of Fully Homomorphic Encryption

Many real-world applications, such as machine learning and graph analytics, involve combinations of linear and non-linear operations. As these applications increasingly handle sensitive data, there is a significant demand for privacy-preserving computation techniques capable of efficiently...

ALSA-2024:5306 Moderate: orc security update

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic...

PT-2024-40907 · Rsa · Rsa

Name of the Vulnerable Software and Affected Versions: rsa affected versions not specified Description: The issue concerns potential side-channel attacks due to non-constant time operations, including arithmetic and Base64 encoding. Recommendations: At the moment, there is no information about a...

Moderate: Red Hat Security Advisory: gmp update

An update for gmp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

There is potential underflow and overflow issues in arithmetic operations in the _getRewardsSinceLastClaim function

Lines of code Vulnerability details Impact There are potential underflow and overflow issues in arithmetic operations. Not being able to verify that subtracting lastClaimedValue from shareDataid.shareHolderRewardsPerTokenScaled would result in a negative value. This could lead to affecting the...

Potential Integer Underflow/Overflow: The code uses the SafeCastLib library for type conversions, but it does not handle potential underflow or overflow situations.

Lines of code Vulnerability details Impact The potential integer underflow/overflow vulnerability in the code can lead to incorrect calculations, unexpected behavior, and potential security issues. Proof of Concept In the provided code, there are a few areas where potential integer...

ZERO TRUNCATION COULD LEAD TO UNEXPECTED RESULTS

Lines of code Vulnerability details Impact Precision issue leading to zero truncation due to numerator smaller than denominator in a ratio or a division happens readily in Solidity if extra cares have not been given to it. Arithmetic operations running into this incident are typically associated...

Upgraded Q -> M from #658 [1674423108320]

Judge has assessed an item in Issue 658 as M risk. The relevant finding follows: L-05 MARGIN ASSET TOKENS WITH MORE THAN 18 DECIMALS ARE NOT SUPPORTED As shown below, arithmetic operations of the StableVault.deposit, StableVault.withdraw, Trading.handleDeposit, and Trading.handleWithdraw function...

Underlying With Non-Standard Decimals Not Supported

Lines of code Vulnerability details Impact Arithmetic operations are performed with the assumption that the token always has 18 decimals. Proof of Concept It would not be possible without using 18 decimal places of the base capital. Tools Used vscode Recommended Mitigation Steps Consider whether...

integer overflow or underflow

Lines of code Vulnerability details Impact If an integer overflow or underflow occurs in the contract, it could lead to incorrect calculations and potentially unintended consequences, such as the transfer of incorrect amounts of tokens or the allocation of incorrect amounts of rewards. This could...

Ubuntu: Security Advisory (USN-5735-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A Wide Reduction Trick

In line with the original spirit of Cryptography Dispatches, this is a quick1 issue to talk about a neat bit of cryptography engineering I encountered. The structure of an ECC implementation Elliptic curve cryptography implementations all roughly share the following structure: theres a base field...

RHEL 8 : kernel-rt (RHSA-2021:4140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1899-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1899-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received...

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1891-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1891-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require th...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.41 and fixes at least the following security issues: A double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash...

shellcode-x86_x64

This repository contains a collection of assembly code examples for a 64-bit Linux system, primarily focusing on basic instructions and operations. The code is written in NASM Netwide Assembler and covers various topics such as arithmetic, logical operations, string manipulation, and stack...