Lucene search
K

63 matches found

Cvelist
Cvelist
added 2025/09/17 2:56 p.m.9 views

CVE-2023-53336 media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...

0.00187EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/03/14 12:0 a.m.7 views

The vulnerability of Microprogramming Software in Control Boards is related to the presence of vulnerabilities in the borrowed components. This allows attackers to compromise the confidentiality and accessibility of the protected information.

The vulnerability of Microprogramming Software in the Wiren Board controller is related to the presence of vulnerabilities in the borrowed components. Exploiting these vulnerabilities can allow a malicious actor, operating remotely, to compromise the confidentiality and accessibility of the...

9.4CVSS5.5AI score
Exploits0Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.11 views

The vulnerability of the software products of the LLC “NPO “MIR” is related to the presence of vulnerabilities in the borrowed components. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ is related to the presence of vulnerabilities in the borrowed components. Exploiting these vulnerabilities could allow attackers who operate remotely to compromise the confidentiality, integrity, and accessibility of the...

10CVSS5.5AI score
Exploits0Affected Software5
Github Security Blog
Github Security Blog
added 2024/10/15 3:30 p.m.20 views

PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the weak reference does itself not have ownership of the value. At any point the last strong reference could be cleared and the borrowed value would become dangling. In PyO3 0.22.4...

5.3CVSS6.6AI score0.00204EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/10/15 2:8 p.m.5 views

GHSA-F8X4-F32R-W556 Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6jgw-rgmm-7cv6. This link is maintained to preserve external references. Original Advisory The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the we...

4.8CVSS6.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.4 views

PT-2024-40267 · Pypi · Pyo3

Name of the Vulnerable Software and Affected Versions: PyO3 versions prior to 0.23 Description: The issue concerns a family of functions in PyO3 that read "borrowed" values from Python weak references. These functions were fundamentally unsound because the weak reference does not have ownership o...

4.8CVSS7.1AI score
Exploits0References4
RustSec
RustSec
added 2024/10/12 12:0 p.m.5 views

Risk of use-after-free in `borrowed` reads from Python weak references

The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the weak reference does itself not have ownership of the value. At any point the last strong reference could be cleared and the borrowed value would become dangling. In PyO3 0.22.4...

5.3CVSS6.9AI score0.00204EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/17 12:0 a.m.1 views

PT-2024-41067 · Ооо 'Нпо Мир' · Scada Мир +4

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to a vulnerability in a borrowed component of the software products. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and...

9.5CVSS7AI score
Exploits0References1
Cvelist
Cvelist
added 2024/04/06 8:31 a.m.26 views

CVE-2024-3363 SourceCodester Online Library System index.php sql injection

A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack...

7.5CVSS7.7AI score0.00851EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/06 12:0 a.m.5 views

PT-2024-25389 · Unknown · Sourcecodester Online Library System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Library System version 1.0 Description: A critical issue has been found in the SourceCodester Online Library System. This issue affects an unknown part of the file admin/borrowed/index.php. The manipulation of the...

9.8CVSS8AI score0.00851EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/04/06 12:0 a.m.4 views

Online Library System SQL注入漏洞

Online Library System is an open source online library system. A SQL injection vulnerability exists in SourceCodester Online Library System version 1.0, which originates from a SQL injection vulnerability in the BookPublisher/BookTitle parameter of the admin/borrowed/index.php file...

9.8CVSS7.9AI score0.00851EPSS
Exploits1References5
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.9 views

Increase liquidity in close position may not cover original borrowed liquidity

Lines of code Vulnerability details Summary When a position is closed, there is no check to ensure that the effective added liquidity covers the original borrowed liquidity from the LP. Impact Closing a position in the Particle LAMM protocol must ensure that the borrowed liquidity gets fully adde...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.7 views

THERE IS NO FUNCTIONALITY TO LIQUIDATE THE DEPRECATED MTOKEN MARKETS

Lines of code Vulnerability details Impact The Mtoken markets configured for the respective collateral asset types can get deprecated due to various reasons associated with those assets. There should be functionality in the Comptroller.liquidateBorrowAllowed function to liquidate all the borrows ...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.6 views

DOLA can be borrowed without owning any DBR

Lines of code Vulnerability details Impact Although states that "one DBR token gives the right to borrow one DOLA for one year", and states that "a DOLA Fed mints DOLA to a market, which is then available to borrow for users holding DBR, using the Borrow function", users who do not own any DBR ar...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/20 12:0 a.m.9 views

borrow must accrueInterest first

Handle cmichel Vulnerability details The UToken.borrow function first checks the borrowed balance and the old credit limit before accruing the actual interest on the market: // @audit this uses the old value requireborrowBalanceViewmsg.sender + amount + fee = amount + fee, "UToken: The loan amoun...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/08/10 7:28 a.m.3 views

rust: optimization for joining strings can cause uninitialized bytes to be exposed

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS5.8AI score0.02025EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2021/04/23 7:0 a.m.5 views

In the standard library in Rust before 1.52.0 there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

...

8.2CVSS7AI score0.02025EPSS
Exploits0
NVD
NVD
added 2021/04/14 7:15 a.m.24 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS0.02025EPSS
Exploits0References7
OSV
OSV
added 2021/04/14 7:15 a.m.27 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS6.5AI score0.02025EPSS
Exploits0References7
OSV
OSV
added 2021/04/14 7:15 a.m.2 views

DEBIAN-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS7.6AI score0.02025EPSS
Exploits0References1
Rows per page
Query Builder