Out-of-bounds Write

libzephyr.so is vulnerable to Out of Bounds Write. The vulnerability is due to insufficient bounds checks when filtering IDs in the canstm32removerxfilter, cannxps32removerxfilter, and mcp2515removerxfilter functions. This issue arises because these functions do not adequately verify that the...

Out-of-bounds

In International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d in IccProfLib/IccTagLut.cpp in libSampleICC.a attempts to access array elements at out-of-bounds indexes...

CVE-2023-46866

In International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d in IccProfLib/IccTagLut.cpp in libSampleICC.a attempts to access array elements at out-of-bounds indexes...

Mozilla Firefox And Thunderbird Type Confusion Vulnerability

Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements...

Gas griefing attack on the removeUserActiveBlocks function

Handle shw Vulnerability details Impact The consumed gas to remove a user's active block is proportional to the total number of array elements i.e., block numbers. However, the array size can be arbitrarily increased by an attacker with only paying gas fees, causing a gas griefing attack when the...

Unbounded loop in function transferERC721

Handle shw Vulnerability details Impact The function transferERC721 loops over an unbounded array, timelockERC721KeysnftContract, whose length never decreases but increases whenever the owner locks an ERC721 token. Therefore, the required gas for executing this loop grows over time and could reac...

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

UBUNTU-CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

VulnCheck KEV: CVE-2019-17026

Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements...

Adobe Acrobat Reader DC text field value remote code execution vulnerability redux

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC, version 2019.012.20035. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim...

Chrome V8 PromiseAllResolveElementClosure Element Confusion Vulnerability

Exploit for multiple platform in category dos / poc Chrome: V8: PromiseAllResolveElementClosure can cause elements kind confusion The Promise.all method internally uses PromiseAllResolveElementClosure...

[SECURITY] Fedora 26 Update: gtatool-2.2.0-6.fc26

Gtatool is a command line tool to manipulate GTAs. It provides a set of commands that manipulate GTAs on various levels: array element components, array dimensions, whole arrays, and streams of ar rays. For example, you can add components to array elements, merge separate arrays into combined...