121 matches found
IndexPool.sol#_pow() Wrong implementation
Handle WatchPug Vulnerability details function powuint256 a, uint256 n internal pure returns uint256 output output = n % 2 != 0 ? a : BASE; for n /= 2; n != 0; n /= 2 a = a a; if n % 2 != 0 output = output a; 1. a a without div by BASE will accumulate decimals unexpectedly and leads to overflow...
TridentRouter.addLiquidity() Add liquidity to IndexPool through TridentRouter may casue loss of a small portion of users funds
Handle WatchPug Vulnerability details The mint function in IndexPool requires the liquidity provider to transfer in amounts no less than the amounts of tokens' reserve proportionally to the toMint amount. However, the TridentRouter won't calculate the toMint amount and amountsIn for the liquidity...
CVE-2021-34573 Incorrect calculation in Enbra EWM does not report backflows or no flow events
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and "no flow" are not reconized or misinterpreted. This may lead to wrong values and missing events...
GHSA-QJ3V-Q2VJ-4C8H Calculation error in ark-r1cs-std
An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mulbyinverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified...
The vulnerability of the fly-fm file manager, related to insufficient validation of input data, allows a hacker to trigger a service failure.
The vulnerability of the fly-fm file manager is related to incorrect calculation of MD5 in the program window. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
OpenLDAP Denial of Service Vulnerability (CNVD-2021-07934)
OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. A denial of service vulnerability exists in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a memch-bvlen calculation error and a slapd crash in saslAuthzTo...
CVE-2020-6113
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for...
Zomato: Mathematical error found in meals for one
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out th Wrong calculation is done by the...
Integer overflow
Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...
Denial Of Service (DoS)
mysql is vulnerable to denial of service DoS attacks. The vulnerability exists as Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number of points, which is...
DimonCoin (FUD) Information Disclosure Vulnerability
DimonCoin FUD is a virtual currency system. A security vulnerability exists in the 'transferFrom' function of the smart contract implementation in DimonCoin FUD, which stems from an error in the computation of the included value. The vulnerability can be exploited by an attacker to steal assets...
CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
Heap overflow
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
DEBIAN-CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
UBUNTU-CVE-2018-5208
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings...
VulnCheck KEV: CVE-2011-0101
Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability."...