Chromium: CVE-2021-4066 Integer underflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome Security Updates (stable-channel-update-for-desktop-2021-02) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome 数字错误漏洞

Google Chrome is a web browser from Google, Inc. A numeric error vulnerability exists in Google Chrome that stems from an integer underflow in the ANGLE module...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 22 security fixes, including: 1267661 High CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of MoyunSec VLab on 2021-11-07 1267791 High CVE-2021-4053: Use after free in UI. Reported by Rox on 2021-11-08 1265806 High CVE-2021-4079: Out ...

Multiple Siemens products with integer underflow vulnerability

Capital VSTAR is a complete solution. the Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. the Nucleus RTOS is a microkernel-based real-time operating...

Mozilla Firefox Security Advisory (MFSA2015-147) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Siemens Nucleus RTOS TCP/IP Stack

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Nucleus Net, Nucleus ReadyStart, Capital VSTAR Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Out-of-bounds Read, Improper Restriction of...

Zephyr integer underflow vulnerability

Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. an integer underflow vulnerability in 6LoWPAN IPHC header decompression in Zephyr 2.4.0 and later can be exploited by attackers to cause out-of-bounds access in the Pv6 parsing logic...

CVE-2021-3323

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions = =2.4.0 contain Integer Underflow Wrap or Wraparound CWE-191. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc...

CVE-2021-3323

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions = =2.4.0 contain Integer Underflow Wrap or Wraparound CWE-191. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc...

CVE-2021-3321

Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions = =2.4.0 contain Integer Overflow to Buffer Overflow CWE-680. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99...

Integer overflow

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions = =2.4.0 contain Integer Underflow Wrap or Wraparound CWE-191. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc...

CVE-2021-3323

CVE-2021-3323 relates to an integer underflow in Zephyr’s 6LoWPAN IPHC header uncompression. Affected product: Zephyr RTOS (embedded, resource-constrained devices). Vulnerable component: 6LoWPAN IPHC header decompression logic. Root cause: integer underflow/wraparound (CWE-191) during IPHC proces...

CVE-2021-3323 Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions = =2.4.0 contain Integer Underflow Wrap or Wraparound CWE-191. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc...

CVE-2021-3321 Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal

Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions = =2.4.0 contain Integer Overflow to Buffer Overflow CWE-680. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99...

CVE-2021-3321

Zephyr RTOS contains a numeric vulnerability: an Integer Underflow in IEEE 802154 Fragment Reassembly Header Removal. Per CVE-2021-3321, Zephyr versions >= 2.4.0 exhibit a transition from Integer Overflow to Buffer Overflow (CWE-680). The NVD entry cites a high impact (up to HIGH for confident...

Zephyr 数字错误漏洞

Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. an integer underflow vulnerability in 6LoWPAN IPHC header decompression in Zephyr 2.4.0 and later can be exploited by attackers to cause out-of-bounds access in the Pv6 parsing logic...

Users cannot receive rewards from ConcentratedLiquidityPoolManager if their liquidity is too large

Handle broccoli Vulnerability details Impact There could be an integer underflow error when the reward of an incentive is claimed, forcing users to wait for a sufficient period or reduce their liquidity to claim the rewards. Proof of Concept The unclaimed reward that a user could claim is...

Integer underflow error in claimReward of ConcentratedLiquidityPoolManager

Handle broccoli Vulnerability details Impact The claimReward function of ConcentratedLiquidityPoolManager calculates the secondsUnclaimed variable using a formula with an unclear intention: uint256 secondsUnclaimed = maxTime - incentive.startTime 128 - incentive.secondsClaimed; This formula cause...

CVE-2021-41821

Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager...