9185 matches found
USN-5929-1: Linux kernel (Raspberry Pi) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
[NAZ-M2] ReaperVaultERC4626.sol doesn't fully conform to EIP4626 implementation
Lines of code Vulnerability details Impact Specifically the two function maxDeposit && maxMint don't fully conform to EIP4626 implementation. Proof of Concept Looking at the following from EIP4626: This assumes that the user has infinite assets, i.e. MUST NOT rely on balanceOf of asset. This goes...
EulerOS 2.0 SP11 : containerd (EulerOS-SA-2023-1421)
According to the versions of the containerd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can...
EulerOS 2.0 SP11 : containerd (EulerOS-SA-2023-1406)
According to the versions of the containerd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can...
USN-5925-1: Linux kernel vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
Ubuntu: Security Advisory (USN-5915-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-5918-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5918-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote...
CVE-2023-26487 Vega has cross-site scripting vulnerability in `lassoAppend` function
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.lassoAppend' function accepts 3 arguments and internally invokes push function on the 1st argument specifying array consisting of 2nd and 3rd arguments as push call argument...
USN-5917-1: Linux kernel vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
USN-5914-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
Upgraded Q -> 2 from #633 [1677880427560]
Judge has assessed an item in Issue 633 as 2 risk. The relevant finding follows: Vault contract implementation does not disable initializers The Vault.sol contract should implement disableInitializers in its constructure to prevent implementation contracts from being initialized. As this contract...
LAPS : Randomizing Local Admin Passwords in Non-persistent Environments
Use LAPS inLocal Admin Passwords for Non-persistent Environments...
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars
Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this. From the fix commit notes: Unlike the rest of nistec, the P-256 assembly doesn't use complete addition formulas, meaning that...
Ascii (crate) allows out-of-bounds array indexing in safe code
Affected version of this crate had implementation of From for &mut u8 and &mut str. This can result in out-of-bounds array indexing in safe code. The flaw was corrected in commit 8a6c779 by removing those impls...
Side-Channel Attack against CRYSTALS-Kyber
CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack--using power consumption--against an implementation of the algorithm that was supposed to be...
openssl: timing attack in RSA Decryption implementation
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...
RUSTSEC-2023-0015 Ascii allows out-of-bounds array indexing in safe code
Affected version of this crate had implementation of From for &mut u8 and &mut str. This can result in out-of-bounds array indexing in safe code. The flaw was corrected in commit 8a6c779 by removing those impls...
Ascii allows out-of-bounds array indexing in safe code
Affected version of this crate had implementation of From for &mut u8 and &mut str. This can result in out-of-bounds array indexing in safe code. The flaw was corrected in commit 8a6c779 by removing those impls...
changeRewardSpeed function at the MultiRewardStaking contract is incorrectly implemented and can leave the staking of a token on a denial of service state (copy)
Lines of code Vulnerability details Impact The changeRewardSpeed function from the MultiRewardStaking.sol contract lacks documentation on how exactly it should work. By its name and some comments above it, I infer that the function must change the rate of tokens rewards per unit of time. For...
Authentication flaw
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...