deploying contracts with forceDeployOnAddress will break contracts when callConstructor is false

Lines of code Vulnerability details Impact when function forceDeployOnAddress used for deploying contract and callConstructor is false, then contract's bytecodehash would stay in constructing state and calling the contract won't be possible. it can cause protocol and other contracts that are usin...

Users pay excessive gas cost for sending bytecode hashes to L1

Lines of code Vulnerability details Impact When deploying new contracts, users are forced to pay more gas than is required to publish the bytecode hash to the L1. Proof of Concept When users deploy new smart contracts, the protocol marks the hashes of the bytecodes of the contracts as known and...

[bootloader] A bytecode hash without the bytecode (preimage) can be marked as known, breaking the prover

Lines of code Vulnerability details This is a report of a finding in bootloader.yul. While the file is out of scope of the contest, the sponsor stated that they would still accept findings in the file and would judge them separately from the contest. Impact A bytecode hash for which the bytecode...

Bytecode Compressor Contract Replay Attack.

Lines of code Vulnerability details Impact Injection of duplicate code. Proof of Concept In the markBytecodeAsPublished function, the contract does not check whether a particular hash has already been added to the storage. The contract only checks the current marker value of the hash, which is se...

Security Bulletin: There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42920)

Summary There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds writ...

Security Bulletin: CVE-2022-3676 may affect IBM CICS TX Standard

Summary Eclipse Openj9 with IBM Java could allow a remote attacker to bypass security restrictions, caused by improper runtime type check by the interface calls. By sending a specially-crafted request using bytecode, an attacker could exploit this vulnerability to access or modify memory. This...

K42795243: Apache Xalan Java Library vulnerability CVE-2022-34169

Security Advisory Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Jav...

SUSE CVE-2006-5463

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing...

SUSE CVE-2010-2520

Heap-based buffer overflow in the InsIUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font file...

SUSE CVE-2010-3880

net/ipv4/inetdiag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INETDIAG bytecode, which allows local users to cause a denial of service kernel infinite loop via crafted INETDIAGREQBYTECODE instructions in a netlink message that contains multiple attribute elements, as...

SUSE CVE-2011-2213

The inetdiagbcaudit function in net/ipv4/inetdiag.c in the Linux kernel before 2.6.39.3 does not properly audit INETDIAG bytecode, which allows local users to cause a denial of service kernel infinite loop via crafted INETDIAGREQBYTECODE instructions in a netlink message, as demonstrated by an...

SUSE CVE-2011-3627

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service crash via vectors related to "recursion level" and 1 libclamav/bytecode.c and 2 libclamav/bytecodeapi.c...

SUSE CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

SUSE CVE-2018-5163

If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache JSBC for other JavaScript code. If the parent process then runs this replaced code, the...

SUSE CVE-2018-19184

cmd/evm/runner.go in Go Ethereum aka geth 1.8.17 allows attackers to cause a denial of service SEGV via crafted bytecode...

SUSE CVE-2018-19976

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine...

SUSE CVE-2019-10245

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

SUSE CVE-2020-11722

Dungeon Crawl Stone Soup aka DCSS or crawl before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file...

SUSE CVE-2021-41041

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...

SUSE CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...