CVE-2021-21271

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

RLSA-2024:7851 Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35...

Important: Red Hat Security Advisory: .NET 6.0 security update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList

A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service...

Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35...

[SECURITY] [DLA 3606-1] freerdp2 security update

Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...

CVE-2022-36659

xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vipciwrite. This vulnerability allows attackers to cause a Denial of Service via unspecified vectors...

Design/Logic Flaw

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

CVE-2021-21271

Tendermint Core CVE-2021-21271 describes a DoS due to timestamp miscalculation of DuplicateVoteEvidence during consensus. In v0.34.0–v0.34.2, the consensus reactor formed DuplicateVoteEvidence using last-commit timestamps, which could differ across nodes for the same height since a block hadn’t f...