137 matches found
OESA-2022-2000 dbus security update
Security Fixes: An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.CVE-2022-42010 An...
CVE-2022-42011
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...
An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
...
AZL-11092 CVE-2022-42011 affecting package dbus for versions less than 1.15.2-2
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
DEBIAN-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
ALPINE-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
UBUNTU-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
Denial Of Service (DoS)
dbus is vulnerable to denial of service. The vulnerability exists when sending messages with array length inconsistent with element type which allows an attacker to cause an application crash...
Lack of input array length check in UNSAFE_swapExactTokensForTokens() could lock user's funds
Lines of code Vulnerability details Impact In case the amounts and routes array do not match in length by mistake: the swap might fail the swap could stop early during the swap path user funds could be locked forever in some situations Proof of Concept src/Swap/BaseV1-periphery.sol function...
Denial Of Service (DoS)
radare2 is vulnerable to denial of service. The vulnerability exists due to an off-by-one overflow flaw caused by mismatched array length in corejava.c which allows an attacker to crash the application via malicious input...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
Buffer overflow
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
UBUNTU-CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denail of service attack...
radare2 安全漏洞
radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in radare2, which stems from an array length mismatch in corejava.c. An attacker could exploit this vulnerability to perform a denial of service attack...
Function may fail when called due to the imprecise length of arrays to be looped (initialize function)
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Even though the array is calldata, there are...