95 matches found
Astra Linux - уязвимость в firefox
An invalid downcast from nsHTMLDocument to nsIContent could result in undefined behavior. This vulnerability affects Firefox versions earlier than 110...
CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
EUVD-2026-19742
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
CVE-2026-4931 CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
CVE-2026-4931
CVE-2026-4931 affects Smart contract Marginal v1, where an unsafe downcast in the contract enables attackers to settle a large debt position for a negligible asset cost. The publicly reported descriptions (NVD, Red Hat, ENISA EUVD, CNNVD, CVE lists) consistently state the same vulnerability and i...
CVE-2026-4931 CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...
PT-2026-30899
Name of the Vulnerable Software and Affected Versions Smart contract Marginal v1 affected versions not specified Description The Smart contract Marginal v1 contains an unsafe downcast issue. This allows attackers to settle a large debt position for a negligible asset cost. Recommendations At the...
Improper Input Validation
github.com/eclipse/paho.mqtt.golang is vulnerable to improper input validation. The vulnerability is due to unsafe conversion of string length from int32/int64 to int16 without overflow checks, which allows an attacker to craft oversized UTF-8 inputs that cause packet corruption or unintended dat...
MiracleLinux 8 : firefox-102.9.0-3.el8.ML.1 (AXSA:2023-5235:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5235:13 advisory. Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9...
EUVD-2017-17222
Malware in sbrugna...
EUVD-2023-29643
Malicious code in bioql PyPI...
EUVD-2023-29644
Malicious code in bioql PyPI...
RHEL 7 : thunderbird (RHSA-2023:1401)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1401 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0. Security Fixes: Mozilla:...
GHSA-4V52-7Q2X-V4XJ eyre: Parts of Report are dropped as the wrong type during downcast
In affected versions, after a Report is constructed using wraperr or wraperrwith to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: - If downcasting to E, there remai...
eyre: Parts of Report are dropped as the wrong type during downcast
In affected versions, after a Report is constructed using wraperr or wraperrwith to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: - If downcasting to E, there remai...
Parts of Report are dropped as the wrong type during downcast
In affected versions, after a Report is constructed using wraperr or wraperrwith to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: - If downcasting to E, there remai...
RUSTSEC-2024-0021 Parts of Report are dropped as the wrong type during downcast
In affected versions, after a Report is constructed using wraperr or wraperrwith to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: - If downcasting to E, there remai...
createLock, increaseAmount int128(int256(_value)) unsafe downcast can lead to asset loss
Lines of code Vulnerability details Impact Suppose users deposit more than typeint128.max value through createLock and increaseAmount, they may get less voting power and can't get the assets back. Proof of Concept The VotingEscrow.sol is forked from FIATDAO, but it seems don't consider a MEDIUM...