9178 matches found
Integer Overflow/Underflow in function fundTreasury.
Lines of code. Vulnerability details. Impact: fundTreasury function in the GrantFund.sol contract is vulnerable to integer overflow if the value of treasury variable is close to the maximum value of a uint256 integer, which is 2^256-1, and a large value of fundingAmount is added to it. It is possibl...
USN-6072-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
USN-6071-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
CVE-2023-25568
CVE-2023-25568 affects Boxo (formerly go-libipfs) Bitswap/server. In Boxo versions 0.4.0 and 0.5.0, an attacker can allocate unbounded bytes in the Bitswap server, with allocations persisting after the connection closes, impacting users accepting untrusted connections and users importing old bits...
Mitigation of M-07: Issue not mitigated
MITIGATION IS NOT CONFIRMED. Mitigation of M-07: Issue not mitigated. Link to Issue: code-423n4/2023-03-asymmetry-findings765. Comments: While the principal issue for M-07 described a de-peg scenario, which eventually was interpreted as a "black swan" event, I do think the...
[SECURITY] Fedora 38 Update: rust-rpm-sequoia-1.4.0-2.fc38
An implementation of the RPM PGP interface using Sequoia...
USN-6057-1 linux-intel-iotg vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS...
Chromium: CVE-2023-2462 Inappropriate implementation in Prompts
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2023-2459 Inappropriate implementation in Prompts
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2023-2465 Inappropriate implementation in CORS
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Debian DSA-5398-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5398 advisory. - Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML...
StrategyBase.underlyingToShares() cannot be overridden to intended mutability
Lines of code. Vulnerability details. Impact: An implementation of underlyingToShares, as inherited from StrategyBase.sol, cannot, contrary to intentions, make state modifications. This implies that StrategyBase.sol may become useless as a base contract to inherit from. Proof of Concept: StrategyBase.s...
Users can avoid getting their queuedWithdrawal slashed because of the wrong implementation.
Lines of code. Vulnerability details. Impact: Users can avoid getting their queuedWithdrawal slashed because of the wrong implementation. Proof of Concept: Let's take a look at the following code snippet from StrategyManagerslashQueuedWithdrawal. // keeps track of the index in the indicesToSkip array...
StrategyBase.sharesToUnderlying() cannot be overridden to intended mutability
Lines of code. Vulnerability details. Impact: An implementation of sharesToUnderlying, as inherited from StrategyBase.sol, cannot, contrary to intentions, make state modifications. This implies that StrategyBase.sol may become useless as a base contract to inherit from. Proof of Concept: StrategyBase.s...
Input validation
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...
CVE-2023-1385
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...
CVE-2023-2464
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2466
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-2463
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...