CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability

era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...

PT-2023-29916 · Unknown · Era-Compiler-Vyper

Name of the Vulnerable Software and Affected Versions: era-compiler-vyper versions prior to 1.3.10 Description: The issue arises in the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. A bug prevented the initialization of the first immutabl...

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

Design/Logic Flaw

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

CVE-2023-28373 FlashArray SafeMode Immutable Vulnerability

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...

CVE-2023-4669

Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass.This issue affects SYSGuard 3001: before 3.2.20.0...

CVE-2023-4669

Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass. This issue affects SYSGuard 3001: before 3.2.20.0...

CVE-2023-4669 Authentication Bypass in Exagate SYSGuard 3001

Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass. This issue affects SYSGuard 3001: before 3.2.20.0...

CVE-2023-4669 Authentication Bypass in Exagate SYSGuard 3001

Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass. This issue affects SYSGuard 3001: before 3.2.20.0...

PT-2023-30161

Name of the Vulnerable Software and Affected Versions Exagate SYSGuard 3001 versions prior to 3.2.20.0 Description The issue is related to an Authentication Bypass by Assumed-Immutable Data vulnerability, which allows for authentication bypass. This vulnerability affects Exagate SYSGuard 3001...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2771)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

protobuf-java: timeout in parser leads to DoS

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...

protobuf-java: Message-Type Extensions parsing issue leads to DoS

A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbag...

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2664)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

EulerOS Virtualization 2.9.0 : python-cryptography (EulerOS-SA-2023-2531)

According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...