17 matches found
EUVD-2016-9984
Malware in sbrugna...
EUVD-2021-24875
Malware in sbrugna...
tcp: Correct signedness in skb remaining space calculation
...
Linux Distros Unpatched Vulnerability : CVE-2024-46729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix incorrect size calculation for loop WHY feclken has size of 5 but sizeoffeclken has byte size 20 which is lager than the array size. HOW...
CVE-2023-52580 net/core: Fix ETH_P_1588 flow dissector
In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETHP1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, nhoff value calculation is wrong. For example: hdr-messagelength takes t...
secRewardsPerShare Insufficient precision
Lines of code Vulnerability details Vulnerability details we also introduced the field secRewardDebt. The idea of this field is to enable any lending platforms that are integrated with Neofinance Coordinator to send their own rewards based on this value or rather the difference of this value sinc...
Unclaimed rewards will be stuck unrecoverable
Lines of code Vulnerability details Impact The vulnerability relies in: unchecked uint256 share = points PRECISION / pool.totalPoints totalReward; uint256 daoShare = share pool.daoTax / 100 DIVISOR; share /= PRECISION; daoShare /= PRECISION; return share - daoShare, daoShare; The problem is that ...
Minting and redeeming will break for fully minted tiers with reserveRate != 0 and reserveRate/MaxReserveRate tokens burned
Lines of code Vulnerability details Impact Minting and redeeming become impossible Proof of Concept uint256 numberOfNonReservesMinted = storedTier.initialQuantity - storedTier.remainingQuantity - reserveTokensMinted; uint256 numerator = uint256numberOfNonReservesMinted storedTier.reservedRate;...
CVE-2022-36025 Incorrect Conversion between Numeric Types in Besu Ethereum Client
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
CVE-2022-39242 Incorrect Calculation in Frontier leads to inflated Ethereum chain gas prices
Frontier is an Ethereum compatibility layer for Substrate. Prior to commit d3beddc6911a559a3ecc9b3f08e153dbe37a8658, the worst case weight was always accounted as the block weight for all cases. In case of large EVM gas refunds, this can lead to block spamming attacks -- the adversary can constru...
_addTostakepadding() will return 0 for users who already had a stakepadding but would like to add on top of their previous stake with 'newStakePadding' on line 186-190(AbstractRewardMine.sol)
Handle 0xwags Vulnerability details Impact The handleStakePadding function handles the calculations for users without a prior stake padding and the ones who already had a stakepadding but want to add to their existing stakepadding. The condition within 'newStakePadding' will return false for user...
CVE-2020-13987
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...
SUSE-SU-2018:1074-1 Security update for perl
This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pppack.c bsc1082216. - CVE-2018-6798: Fixed heap buffer overflow in regexec.c bsc1082233. - CVE-2018-6797: Fixed sharp-s regexp overflow bsc1082234...
Debian: Security Advisory (DSA-4011-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-4799
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service crash via a crafted image file that triggers an out-of-bounds read...
CVE-2007-3023
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
Security update 1970-01-01
...