Lucene search

137 matches found

Code423n4
added 2023/10/11 12:0 a.m., 13 views

Lack of array length validation in delegateMulti() can lead to errors.

Lines of code Vulnerability details Impact There is no validation that the sources, targets, and amounts arrays passed to delegateMulti are the same length. This could cause issues with iterating through the arrays. Proof of Concept In the delegateMulti function. function delegateMulti uint256...

AI score 7
Exploits: 0

Code423n4
added 2023/09/11 12:0 a.m., 4 views

Malicious caller can pass arrays with more than 1 element to exploit the contract

Lines of code Vulnerability details Impact This can lead to assets being trapped in the contract or transferred improperly. Proof of Concept This expects and enforces that minimumReceived and maximumSpent will only have 1 element each. A malicious caller could call with arrays like: minimumReceiv...

AI score 6.9
Exploits: 0

Code423n4
added 2023/07/13 12:0 a.m., 8 views

Malicious user may force gas limit error on created proposals

Lines of code Vulnerability details Impact User can create a proposal with arbitrary long array of targets. Function cancel iterates over those targets. Since this array may be long - the risk of out-of-gas error may occur - making the contract to be unable to cancel the proposal as cancel would...

AI score 7.3
Exploits: 0

Code423n4
added 2023/07/07 12:0 a.m., 7 views

Redeemer.redeem FUNCTION COULD REVERT DUE TO ARRAY LENGTH MISMATCH IN THE minAmountOuts ARRAY

Lines of code Vulnerability details Impact In the Redeemer.sol contract the Natspec comments are given how the minAmountOuts array is constructed when there are managed collaterals with sub-collaterals present. The comment is as follows: /// process and the minAmountOuts will be bigger than the...

AI score 6.6
Exploits: 0

Tenable Nessus
added 2023/06/13 12:0 a.m., 15 views

EulerOS Virtualization 3.0.6.0 : dbus (EulerOS-SA-2023-2208)

According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in D-Bus Development branch = 1.13.16, dbus-1.12.x stable branch = 1.12.18, and dbus-1.10.x and old...

CVSS 7.8, AI score 6.5, EPSS 0.00208
Exploits: 3, References: 5

OpenVAS
added 2023/06/12 12:0 a.m., 15 views

Huawei EulerOS: Security Advisory for dbus (EulerOS-SA-2023-2208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.2, EPSS 0.00208
Exploits: 3, References: 2

SUSE CVE
added 2023/02/15 5:48 a.m., 4 views

SUSE CVE-2012-1182

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

CVSS 10, AI score 9.5, EPSS 0.7855
Exploits: 9, References: 12

SUSE CVE
added 2023/02/15 4:57 a.m., 1 views

SUSE CVE-2016-7880

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution...

CVSS 8.8, AI score 7.7, EPSS 0.05939
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 4:49 a.m., 1 views

SUSE CVE-2017-5627

An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsRsetproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the jspushstring function in jsrun.c when parsing a specially crafted JS...

CVSS 7.8, AI score 8, EPSS 0.00207
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 3:52 a.m., 2 views

SUSE CVE-2020-27793

An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denial of service attack...

CVSS 7.5, AI score 7.3, EPSS 0.00321
Exploits: 1, References: 3

SUSE CVE
added 2023/02/15 3:23 a.m., 2 views

SUSE CVE-2022-42011

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...

CVSS 4.4, AI score 7.5, EPSS 0.00131
Exploits: 1, References: 31

Code423n4
added 2023/02/03 12:0 a.m., 11 views

[M-01] emitUserMetadata function may fail due to exceed gas limit

Lines of code Vulnerability details Impact The function emitUserMetadata in DripsHub may fail due to unbounded loop over userMetadata can be very large due to the user input. However, function could be called only from drivers, it's still public and large array could be passed. And the loop in...

AI score 6.7
Exploits: 0

RedHat Linux
added 2023/01/23 3:23 p.m., 1 views

dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

A vulnerability was found in D-Bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...

CVSS 6.5, AI score 6.7, EPSS 0.00131
Exploits: 1, References: 4

RedHat Linux
added 2023/01/12 9:24 a.m., 58 views

Moderate: Red Hat Security Advisory: dbus security update

An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 6.5, AI score 6.5, EPSS 0.00208
Exploits: 3, References: 4

RedHat Linux
added 2023/01/12 9:24 a.m., 2 views

dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

A vulnerability was found in D-Bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...

CVSS 6.5, AI score 6.7, EPSS 0.00131
Exploits: 1, References: 4

RedHat Linux
added 2022/12/13 4:12 p.m., 3 views

dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

A vulnerability was found in D-Bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...

CVSS 6.5, AI score 6.7, EPSS 0.00131
Exploits: 1, References: 4

RedHat Linux
added 2022/12/06 10:3 a.m., 2 views

dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

A vulnerability was found in D-Bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...

CVSS 6.5, AI score 6.7, EPSS 0.00131
Exploits: 1, References: 4

OSV
added 2022/11/11 11:4 a.m., 2 views

OESA-2022-2051 dbus security update

Security Fixes: An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. CVE-2022-42010 An...

CVSS 6.5, AI score 6.9, EPSS 0.00208
Exploits: 3, References: 4

Code423n4
added 2022/11/03 12:0 a.m., 11 views

Unchecked array length of the public_inputs[] in Verifier.sol

Lines of code Vulnerability details Impact If an array enumerates all registered addresses, an adversary can register many addresses, causing the problem described above. Vulnerability Details Ethereum is a very resource-constrained environment. Prices per computational step are orders of magnitu...

AI score 6.7
Exploits: 0

OSV
added 2022/10/27 1:0 p.m., 0 views

USN-5704-1 dbus vulnerabilities

It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...

CVSS 6.5, AI score 6.6, EPSS 0.00208
Exploits: 3, References: 4