137 matches found
GHSA-RXHX-9FJ6-6H2M enum_map macro can cause UB when `Enum` trait is incorrectly implemented
Affected versions of this crate did not properly check the length of an enum when using enummap! macro, trusting user-provided length. When the LENGTH in the Enum trait does not match the array length in the EnumArray trait, this can result in the initialization of the enum map with uninitialized...
`array!` macro is unsound when its length is impure constant
Affected versions of this crate did substitute the array length provided by an user at compile-time multiple times. When an impure constant expression is passed as an array length such as a result of an impure procedural macro, this can result in the initialization of an array with uninitialized...
There is a possibility of Token transfer getting stuck when using Erc1155BatchMessage
Lines of code Vulnerability details Impact In the event of user error while making the calldata for encodeTransferErc1155BatchMessage, where the size of the arrays of ids and amounts donot match, the message will get encoded due to no input validation, however the transfer will fail at the other...
RUSTSEC-2022-0010 enum_map macro can cause UB when `Enum` trait is incorrectly implemented
Affected versions of this crate did not properly check the length of an enum when using enummap! macro, trusting user-provided length. When the LENGTH in the Enum trait does not match the array length in the EnumArray trait, this can result in the initialization of the enum map with uninitialized...
NumPy buffer overflow vulnerability
NumPy is a Python scientific computing package. NumPy version 1.9 is vulnerable to a buffer overflow vulnerability caused by the lack of a limit on array length in the PyArrayNewFromDescrint function in ctor .c, which leads to a buffer overflow vulnerability that can be exploited to cause a denia...
NumPy 缓冲区错误漏洞
NumPy is a Python scientific computing package. NumPy version 1.9 is vulnerable to a buffer overflow vulnerability caused by the lack of a limit on array length in the PyArrayNewFromDescrint function in ctor .c, which leads to a buffer overflow vulnerability that can be exploited to cause a denia...
Drop of uninitialized memory in stack_dst
Affected versions of stackdst used a pushinner function that increased the internal length of the array and then called val.clone. If the val.clone call panics, the stack could drop an already dropped element or drop uninitialized memory. This issue was fixed in 2a4d538 by increasing the length o...
GHSA-45W7-7G63-2M5W Drop of uninitialized memory in stack_dst
Affected versions of stackdst used a pushinner function that increased the internal length of the array and then called val.clone. If the val.clone call panics, the stack could drop an already dropped element or drop uninitialized memory. This issue was fixed in 2a4d538 by increasing the length o...
GHSA-8MJX-H23H-W2PG Double free in stack_dst
Affected versions of stackdst used a pushinner function that increased the internal length of the array and then called val.clone. If the val.clone call panics, the stack could drop an already dropped element or drop uninitialized memory. This issue was fixed in 2a4d538 by increasing the length o...
Double free in stack_dst
Affected versions of stackdst used a pushinner function that increased the internal length of the array and then called val.clone. If the val.clone call panics, the stack could drop an already dropped element or drop uninitialized memory. This issue was fixed in 2a4d538 by increasing the length o...
GHSA-WCVP-R8J8-47PC Double free in toodee
When inserting rows from an iterator at a particular index, toodee would shift items over, duplicating their ownership. The space reserved for the new elements was based on the len returned by the ExactSizeIterator. This could result in elements in the array being freed twice if the iterator...
Double free in toodee
When inserting rows from an iterator at a particular index, toodee would shift items over, duplicating their ownership. The space reserved for the new elements was based on the len returned by the ExactSizeIterator. This could result in elements in the array being freed twice if the iterator...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
Denial of service
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
QEMU 安全漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from a security vulnerability that originates from a vulnerability that can be exploited by an attacker to affect array lengths an...
CVE-2020-11225
Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
Memory corruption
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...
Improper access control
Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...