75 matches found

Cloud Foundry
added 2024/02/29 12:00 a.m., 25 views

USN-6627-1: libde265 vulnerabilities | Cloud Foundry

Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a...

CVSS 9.8, AI score 7.4, EPSS 0.0202
Exploits 18, Affected Software 2

Ubuntu
added 2024/02/08 1:48 p.m., 78 views

USN-6627-1: libde265 vulnerabilities

It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241,...

CVSS 9.8, AI score 7.1, EPSS 0.0202
Exploits 18

Code423n4
added 2023/12/08 12:00 a.m., 8 views

Ocean.doMultipleInteractions() cannot wrap ether

Lines of code Vulnerability details Bug Description doMultipleInteractions in Ocean.sol attempts to wrap ether but reverts due to a logical error. The internal helper function, doMultipleInteractions, includes the following: if msg.value != 0 balanceDeltas.increaseBalanceDeltaWRAPPEDETHERID,...

AI score 7.1
Exploits 0

OSV
added 2023/08/09 8:57 p.m., 22 views

GHSA-8C37-7QX3-4C4P Blst has logical error in SigValidate in Go bindings

Impact Blst versions v0.3.0 through 0.3.10 failed to perform a signature group-check if the call to SigValidate in the Go bindings was complemented with a check for infinity. Formally speaking, infinity, or the identity element of the elliptic curve group, is a member of the group, and the...

AI score 6.8
Exploits 0, References 4

Github Security Blog
added 2023/08/09 8:57 p.m., 23 views

Blst has logical error in SigValidate in Go bindings

Impact Blst versions v0.3.0 through 0.3.10 failed to perform a signature group-check if the call to SigValidate in the Go bindings was complemented with a check for infinity. Formally speaking, infinity, or the identity element of the elliptic curve group, is a member of the group, and the...

AI score 6.6
Exploits 0, References 4, Affected Software 1

CNNVD
added 2023/03/23 12:00 a.m., 3 views

Cisco IOS XE Software security vulnerability

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from a logic...

CVSS 6.8, AI score 6.6, EPSS 0.00775
Exploits 0, References 2

Veracode
added 2023/02/14 6:32 a.m., 23 views

Privilege Escalation

tor:sid is vulnerable to privilege escalation. A logical error allows unsafe SOCKS4 protocol to be used but not the safe SOCKS4a protocol leading to unsafe traffic being allowed to pass...

CVSS 6.5, AI score 6.5, EPSS 0.00832
Exploits 1, References 11, Affected Software 1

Code423n4
added 2023/02/07 12:00 a.m., 11 views

Core functionality is not working due to revert in _verifyCreatorOrOwner()

Lines of code Vulnerability details Impact It is not possible to pause/unpause vaults and adaptors nor add staking reward tokens since the verifyCreatorOrOwner function reverts due to a logical error. Proof of Concept The following logic is used to determine if msg.sender is a creator or owner of...

AI score 7.2
Exploits 0

Redos
added 2022/12/22 12:00 a.m., 73 views

ROS-20221222-02

A vulnerability in the cURL command-line utility is related to a bounds error in parsing the .netrc file. Exploitation of the vulnerability could allow an attacker acting remotely to transfer a specially crafted file, cause a stack-based buffer overflow, and perform a denial of service (DoS) attack. The cU...

CVSS 6.5, AI score 8, EPSS 0.01761
Exploits 1

CNVD
added 2022/11/23 12:00 a.m., 27 views

Google TensorFlow code issue vulnerability (CNVD-2022-80685)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A code issue vulnerability exists in Google TensorFlow, which stems from a logical error in the organization of data, where the conversion from char to bool is undefined if the const char array is not 0...

CVSS 7.5, AI score 2.4, EPSS 0.00389
Exploits 0, References 1

Code423n4
added 2022/10/23 12:00 a.m., 20 views

Logical error in function getSwapOut

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. There is a logical error between lines 178-184 for function getSwapOut in contract LBRouter if amountIn != 0 activeId = LBPair.findFirstNonEmptyBinIduint24activeId, swapForY; else break; // end while if...

AI score 7
Exploits 0

CNVD
added 2022/09/30 12:00 a.m., 38 views

Cisco IOS XE Wireless Controller software denial of service vulnerability

A denial of service vulnerability exists in Cisco IOS XE Wireless Controller Software, a wireless LAN controller from Cisco, which stems from a logical error in the handling of CAPWAP Mobility The vulnerability is caused by a logic error and mismanagement of resources when handling CAPWAP Mobilit...

AI score 2.7, EPSS 0.01083
Exploits 0

Tenable Nessus
added 2022/07/15 12:00 a.m., 40 views

EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2022-2041)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

CVSS 5.5, AI score 6.2, EPSS 0.00634
Exploits 4, References 4

Cvelist
added 2022/03/09 8:23 p.m., 39 views

CVE-2022-0618

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSHPROMISE frame where the frame contains padding information...

AI score 7.6, EPSS 0.01248
Exploits 0, References 1

GitLab Advisory Database
added 2022/02/11 12:00 a.m., 13 views

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a...

CVSS 7.5, AI score 7.1, EPSS 0.01354
Exploits 0, References 4, Affected Software 1

OSV
added 2022/02/09 11:15 p.m., 8 views

CVE-2022-24666

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...

CVSS 7.5, AI score 6.8
Exploits 0, References 1

Prion
added 2022/02/09 11:15 p.m., 10 views

Design/Logic Flaw

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...

CVSS 5, AI score 7.3, EPSS 0.01354
Exploits 0, References 1, Affected Software 1

Redos
added 2022/02/01 12:00 a.m., 39 views

ROS-20220125-02

The Nginx web server vulnerability is related to a logical error in the TLS implementation when working with different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Exploitation of the vulnerability could allow an attacker acting remotely to...

CVSS 7.4, AI score 7.4, EPSS 0.02037
Exploits 0

BDU FSTEC
added 2021/12/01 12:00 a.m., 2 views

The vulnerability of Mac OS operating systems, related to logical errors, allows attackers to circumvent security restrictions.

The vulnerability of Mac OS operating systems arises due to a logical error in the implementation of system configuration settings. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...

CVSS 6.5, AI score 6.6, EPSS 0.68531
Exploits 5, References 4, Affected Software 1

BDU FSTEC
added 2021/11/23 12:00 a.m., 7 views

The vulnerability in the processing of IPv6 traffic by the Cisco IOS XE operating system allows an attacker to trigger a service failure.

The vulnerability of Cisco IOS XE operating system’s IPv6 traffic processing is related to a logical error in the processing of certain local IPv6 traffic. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS 7.4, AI score 7.2, EPSS 0.00757
Exploits 0, References 4, Affected Software 1