209 matches found
CVE-2024-32646 vyper performs double eval of the slice args when buffer from adhoc locations
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects...
CVE-2024-32646
Vyper CVE-2024-32646 affects the Pythonic smart contract language. The vulnerability concerns the builtin slice when the buffer is msg.data, self.code, or .code and either the start or length has side-effects, causing a double evaluation of those side-effects. It is triggerable only in versions e...
PT-2024-24742 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions 0.3.10 and prior Description: The issue arises from using the sqrt builtin in Vyper, which can result in a double eval vulnerability when the argument has side-effects. This occurs because the build IR function of the sqrt...
PT-2024-24740 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions 0.3.10 and prior Description: Using the create from blueprint builtin can result in a double eval vulnerability when raw args=True and the args argument has side-effects. The build create IR function of the create from blueprin...
PT-2024-40659 · Unknown · Generatedjavaparser
Name of the Vulnerable Software and Affected Versions: GeneratedJavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression class, the java.base/java.lang.String.startsWith method...
PT-2023-31461 · Cesanta · Mjs
Name of the Vulnerable Software and Affected Versions: Cesanta MJS versions 2.20.0 through 2.22.0 Description: The issue is related to an out-of-bounds read in the getprop builtin foreign function when a Built-in API name occurs in a substring of an input string. This can lead to a buffer overflo...
AZL-30045 CVE-2023-4156 affecting package gawk for versions less than 5.1.1-1
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...
The vulnerability in the builtin.c component allows for data reformatting according to specified templates using Gawk. This enables an attacker to gain unauthorized access to protected information or cause service failures.
The vulnerability of the builtin.c component, related to data reformatting functions using the Gawk template engine, stems from the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
Business Logic Errors
vyper is vulnerable to Business Logic Errors. The vulnerability exists because the order of evaluation of the arguments of the builtin functions uint256addmod, uint256mulmod, ecadd and ecmul does not follow source order, which can be exploited by an attacker to create contracts that behave...
PYSEC-2023-168
Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions uint256addmod, uint256mulmod, ecadd and ecmul does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side...
CVE-2023-41052
Vyper CVE-2023-41052 affects the Pythonic smart contract language Vyper. In affected versions, the evaluation order of arguments to builtins uint256_addmod, uint256_mulmod, ecadd, and ecmul does not follow source order, which can cause side effects in one argument to be relied upon by others. The...
PT-2023-27764 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper affected versions not specified Description: The order of evaluation of the arguments of the builtin functions uint256 addmod, uint256 mulmod, ecadd, and ecmul does not follow source order. This behavior is problematic when the evaluati...
Inosoft VisiWin 7 2022-2.1 Insecure Permissions / Privilege Escalation
Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.inosoft.com/ Version: Up to 2022-2.1 Runtime RT7.3 RC3 20221209.5 Tested on: Windows CVE:...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.20.1-1 - Rebase to 16.20.1 Resolves: rhbz2188289 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222288 nodejs-nodemon nodejs-packaging...
UBUNTU-CVE-2023-4156
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...
CLSA-2023-1688677908 Fix CVE(s): CVE-2021-45078
SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2021-45078.patch: fix out-of-bounds write in stabxcoffbuiltintype bz: 28694 - CVE-2021-45078...
UBUNTU-CVE-2020-22597
An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecmabuiltinarrayprototypeobjectslice parameter...
JerryScript 安全漏洞
JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version 2.3.0 that originated from allowing an attacker to execute arbitrary code via the ecmabuiltinarrayprototypeobjectslice parameter...
SUSE CVE-2011-2525
The qdiscnotify function in net/sched/schapi.c in the Linux kernel before 2.6.35 does not prevent tcfillqdisc function calls referencing builtin aka CQFBUILTIN Qdisc structures, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified...
SUSE CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...