5 matches found
CVE-2024-30259
CVE-2024-30259 affects eProsima Fast DDS (DDS) up to patch versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8. A heap buffer overflow occurs on the subscriber when a publisher sends a malformed RTPS packet, potentially causing a remote crash and a denial of service. The issue is fixed in the cited patche...
Wrong WAD calculation in AccountingEngine contract leading to start auction with selling amount minimum 100 time bigger than expected
Lines of code Vulnerability details Impact In the Math library, 1 WAD is equal to 1e18 which is assumed 1. For example: wmul(2e18, 4e18) = 8e18. In AccountingEngine contract, the devs assumed that 1 WAD is equal to 0.01 (1%), 100 WAD is equal to 1 (100%). Hence, the function auctionSurplus will make star...
NewAtlanta ServletExec/ISAPI 4.1 JSPServlet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4796/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. A denial of service condition occurs when the JSPServlet is sent an overly long...
SuSE 11.3 Security Update : MozillaFirefox (SAT Patch Number 9049)
Mozilla Firefox was updated to 24.4.0ESR release, fixing various security issues and bugs : - Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of...
Slackware 8.1 / 9.0 / current : inetd DoS patched (SSA:2003-251-01)
Upgraded inetd packages are available for Slackware 8.1, 9.0 and -current. These fix a previously hard-coded limit of 256 connections-per-minute, after which the given service is disabled for ten minutes. An attacker could use a quick burst of connections every ten minutes to effectively disabl...