Recursive call attack of the fallback function of Holographer

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The fallback function will forward all calls except those that appear in Holographer to the HolographerEnforcer which is obtained by calling address holographEnforcer = getHolographEnforcer; However, if...

harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc

A vulnerability found in harfbuzz. An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service DoS via unspecified vectors...

harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc

A vulnerability found in harfbuzz. An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service DoS via unspecified vectors...

PT-2022-7256 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 versions 1.0.8 Description: The issue is related to a stack-buffer-overflow in the put epel hv fallback function when handling unsigned short data types. This allows attackers to cause a Denial of Service DoS via a crafted video file...

PT-2022-7254 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 versions prior to 1.0.11 Description: The issue is related to a heap-buffer-overflow in the put weighted pred avg 16 fallback function, located in fallback-motion.cc, which can be exploited by attackers to cause a Denial of Service D...

PT-2022-7261 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability in the put epel 16 fallback function of the Libde265 video codec implementation for h.265. This vulnerability can be exploited by a remote attack...

PT-2022-7257 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a stack-buffer-overflow vulnerability via the put qpel fallback function in fallback-motion.cc, which can be exploited by attackers to cause a Denial of Service DoS using a crafted...

The vulnerability of the hb-ot-shape-fallback.cc component in the Harfbuzz text transformation library, which allows a hacker to trigger a service failure.

The vulnerability of the hb-ot-shape-fallback.cc component in the Harfbuzz text transformation library is related to a numerical overflow in the hb-ot-shape-fallback.cc file. Exploiting this vulnerability could allow an attacker to cause a service failure by sending specially crafted data to the...

ROS-20220721-02

A vulnerability in the Harfbuzz text conversion library involves an integer overflow in the hb-ot-shape-fallback.cc file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause the applicatio...

AxelarDepositService: When wrappedToken is not weth, sendNative may cause users to lose ether.

Lines of code Vulnerability details Impact In the sendNative function of the AxelarDepositService contract, the wrappedToken address is treated as weth-like and the wrappedToken's deposit function is called. If the wrappedToken address is TokenType.External token and is not weth-like and the...

GHSA-QQ3J-44GW-CF6R Eclipse Californium denial of service (DoS) via Datagram Transport Layer Security (DTLS) handshake on parameter mismatch

In Eclipse Californium versions 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other pee...

OESA-2022-1777 harfbuzz security update

HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...

Call() should be used instead of transfer() on an address payable

Lines of code Vulnerability details Impact The use of the deprecated transfer function for an address will inevitably make the transaction fail when : 1. The withdrawer smart contract does not implement a payable fallback function. 2. The withdrawer smart contract implements a payable fallback...

Contract TresureDelegate.sol could be destructed

Lines of code Vulnerability details Impact The contract simply could be destructed by anyone. Proof of Concept The question is how?! Imagine, that the recipient account has a fallback function with a selfdestruct in it. ./attack.sol contract attack fallback external payable...

ALPINE-CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS via unspecified vectors...

CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS via unspecified vectors...

UBUNTU-CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS via unspecified vectors...

HarfBuzz 输入验证错误漏洞

HarfBuzz is a text engine for OpenType fonts. HarfBuzz v4.3.0 is vulnerable to a denial of service vulnerability caused by an integer overflow in the hb-ot-shape-fallback.cc component, which can be exploited to cause a denial of service DoS via an unspecified vector...

Upgraded Q -> M from 205 [1655579891083]

Judge has assessed an item in Issue 205 as Medium risk. The relevant finding follows: transfer and send methods are used inside the codebase. Since these methods use 2300 gas stipend which is not adjustable,it may likely to get broken when calling a contract's fallback function if any contract...

IsWrappedFcash check is a gas bomb

Lines of code Vulnerability details Impact In the isWrappedFCash check, the notionalTradeModule check whether the component is a wrappedCash with the following logic. try IWrappedfCashfCashPosition.getDecodedID returnsuint16 currencyId, uint40 maturity try...