18 matches found
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on IPMI events and the reception of message requests. This vulnerability could...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that when the dm-raid module is used to stop an RAID array, the metadata devices become...
MAL-2025-160397 Malicious code in messi-urt-efsdsdus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41e5f5bee6dfa140b258995b1b57f2442b8094b98676a764e5720c0ff28327bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eko-ikan45-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6ac94389d35eb8e383b226e53cb5a8112be028adb583c9355d56f8cb69b952 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-67081 Malicious code in broken-olive-fowl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701c3b9151f568cf54840add388d8e29980990fbfb2d3e9892077339aa50e29e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hadianto-esdoger41-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7de56a688a36d7202f72c57da79b618dbce4fb368291ccae74da206c1f803062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Denial Of Service (DoS)
iperf is vulnerable to a Denial Of Service DoS. The vulnerability is due to a flaw in the iperf utility, causing it to hang indefinitely while waiting for the remainder or until the connection is closed, allows a malicious or malfunctioning client to send less data than expected to the iperf serv...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2023-4320
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity...
CVE-2023-4320 Satellite: arithmetic overflow in satellite
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity...
PT-2023-28731 · Satellite · Satellite
Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker to create personal access tokens that are valid indefinitely,...
Malicious users can block listing
Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, any user with the Rae token corresponding to this Vault can call the propose function to create a listing proposal, which can be used for listing when the proposal exists over PROPOSALPERIOD. function listaddress...
CVE-2022-34772
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the Tabit system is a 4 digit OTP. One can resend OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting...
XC20Wrapper may lost received token forever if LocalAsset(xc20).mint is reverted indefinitely
Lines of code Vulnerability details Impact XC20Wrapper may lost received token forever if LocalAssetxc20.mint is reverted indefinitely. Similar to ERC20, the spec said that if mitn returns false it means minting is failed. But it is commonly revert instead of returning false which is also a minti...
CVE-2021-32986
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without...
CVE-2018-7158
It was found that the 'path' module from Node.js was vulnerable to a Regular Expression Denial of Service REDoS flaw. An attacker able to provide a specially crafted file path to a Node.js script could force it to hang indefinitely...
CVE-2017-16560
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...
Updated pam package fixes security vulnerability
If SELinux is enabled, the unixrunhelperbinary function in Linux-PAM 1.1.8 and earlier hangs indefinitely when verifying a password of 65536 characters, which allows attackers to conduct username enumeration and denial of service attacks CVE-2015-3238...