Lucene search
K

212 matches found

NVD
NVD
added 2024/04/30 12:15 a.m.14 views

CVE-2024-34045

The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo-countersININITIMSGCOUNTERProcedureCodeidE2setup-Increment...

7.5CVSS6.6AI score0.00515EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.3 views

O-RAN E2T 安全漏洞

O-RAN E2T is an application from O-RAN, Inc. A security vulnerability exists in O-RAN E2T that stems from a possible crash in the indicator increment function...

7.5CVSS6.8AI score0.00515EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.5 views

PT-2024-25663 · Unknown · O-Ran E2T I-Release

Name of the Vulnerable Software and Affected Versions: O-RAN E2T I-Release affected versions not specified Description: The issue concerns the O-RAN E2T I-Release Prometheus metric Increment function, which can crash in sctpThread.cpp. This crash occurs when the Increment function is called for...

7.5CVSS7AI score0.00515EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/29 12:0 a.m.23 views

CVE-2024-34046

The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo-sctpParams-e2tCountersINSUCCMSGCOUNTERProcedureCodeidRICsubscription-Increment...

6.9AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/29 12:0 a.m.18 views

CVE-2024-34045

The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo-countersININITIMSGCOUNTERProcedureCodeidE2setup-Increment...

6.9AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2024/04/28 1:15 p.m.14 views

CVE-2022-48632

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbfi2csmbusstarttransaction memcpy is called in a loop while 'operation-length' upper bound is not checked and 'dataidx' also increments...

7.8CVSS7.6AI score0.00253EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:20 a.m.21 views

BIT-TENSORFLOW-2021-29512 Heap buffer overflow in `RaggedBinCount`

TensorFlow is an end-to-end open source platform for machine learning. If the splits argument of RaggedBincount does not specify a valid SparseTensorhttps://www.tensorflow.org/apidocs/python/tf/sparse/SparseTensor, then an attacker can trigger a heap buffer overflow. This will cause a read from...

7.8CVSS7.5AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2024/01/24 8:53 p.m.18 views

GHSA-7G9J-G5JG-3VV3 Unauthenticated Nonce Increment in snow

Impact There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with the ability to inject packets into the channel Noise is talking over, this allows a denial-of-service type attack which could prevent communication as it...

3.1CVSS6AI score0.00387EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/01/24 8:53 p.m.20 views

Unauthenticated Nonce Increment in snow

Impact There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with the ability to inject packets into the channel Noise is talking over, this allows a denial-of-service type attack which could prevent communication as it...

4.3CVSS6AI score0.00387EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/01/23 12:0 p.m.26 views

RUSTSEC-2024-0011 Unauthenticated Nonce Increment in snow

There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message...

4.3CVSS7AI score0.00387EPSS
Exploits0References3
RustSec
RustSec
added 2024/01/23 12:0 p.m.7 views

Unauthenticated Nonce Increment in snow

There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message...

4.3CVSS7AI score0.00387EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.4 views

PT-2025-31024 · Snow · Snow

Name of the Vulnerable Software and Affected Versions: snow crate versions prior to 0.9.5 Description: The snow crate, when using stateful TransportState, allows incrementing a nonce, potentially leading to denial of message delivery. Recommendations: Update to snow crate version 0.9.5 or later...

4.3CVSS6.2AI score0.00387EPSS
Exploits0References16
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.11 views

Overflow potential

Lines of code Vulnerability details Overflow: Be cautious about integer overflow when incrementing size. Depending on how the size variable is used in your contract, it might be beneficial to check for potential overflow conditions. requiresize typeuint256.max, "Heap size exceeds maximum"; Assess...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.10 views

voteForManyWithSig functions in CultureIndex are open to replay attacks if fails.

Lines of code Vulnerability details Impact If vote fails or reverts for any reason, the nonce in verifyVoteSignature doesn't increment. This leads to the same vote tx being replayed by anyone. Proof of Concept A user submits a vote via voteForManyWithSig, triggering verifyVoteSignature for...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.15 views

The protocol is susceptible to reentrancy attacks.

Lines of code Vulnerability details Reentrancy is a well know bug in smart contract and the protocol is not handling it, The safeMint function in ERC721 make a callback to the receiver checking if they can hold a nft, this can be used to a receiver to take control of the execution of the call. in...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/11/13 12:0 a.m.6 views

Last token of maximum supply can be paid, but it isn't minted nor reverted.

Lines of code Vulnerability details Description collectionCirculationSupply is incremented in each mint and it's used to check if the mint don't overtakes the collection's max supply. However, it increments before the check, which makes that although last token is in the max supply range, the...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/11/13 12:0 a.m.8 views

Minting nft with Index 0 is not allowed

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The constructor of the NextGenCore.sol contract includes an increment operation for the newCollectionIndex variable, ensuring that the newCollectionIndex start from 1. While adding or modifying addition...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.10 views

kernel: tcp: tcp_make_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.36 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6415-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6415-1 advisory. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow...

9.8CVSS8AI score0.0616EPSS
Exploits4References9
OSV
OSV
added 2023/07/13 5:2 p.m.20 views

GHSA-J494-7X2V-VVVP mx-chain-go's relayed transactions always increment nonce

Impact When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag RelayedNonceFixEnableEpoch was...

7.1CVSS5.8AI score0.0107EPSS
Exploits0References6
Rows per page
Query Builder