90 matches found
Attacker can frontrun and reenter this function causing users to get griefed
Lines of code Vulnerability details Impact 1. attacker calls createFor and there is reentracy in safemint and an attacker can reenter and just keep increasing count just a side note 2. but what an attacker can do is when a user wants to call this function or launch a project an attacker frontruns...
GSD-2022-1004089 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.317 by commit...
GSD-2022-1004008 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.282 by commit...
GSD-2022-1003914 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.246 by commit...
GSD-2022-1003787 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.197 by commit...
GSD-2022-1003644 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.120 by commit...
GSD-2022-1002850 dm stats: add cond_resched when looping over entries
dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.2 by commit...
execute() and executeWithBatch1155() functions are susceptible to DoS
Lines of code Vulnerability details Impact execute and executeWithBatch1155 are external functions. Both functions run for loops, boundary of which are determined by the function arguments. Anytime there's a loop where the input comes from an external source there's the possibility of unbounded...
execute() and executeWithBatch1155() functions are susceptible to DoS
Lines of code Vulnerability details Impact execute and executeWithBatch1155 are external functions. Both functions run for loops, boundary of which are determined by the function arguments. Anytime there's a loop where the input comes from an external source there's the possibility of unbounded...
The vulnerability of the PJSIP multimedia communication library, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.
The vulnerability of the PJSIP multimedia communication library lies in the execution of a loop with an unavailable exit condition during the processing of WAV/AVI files. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Looping from a long list of storage can impact other people paying more gas than it used to
Handle Fitraldys Vulnerability details Impact In the it will loop through an entire indexList array this doesnt immedietely impact other user, however when there is many user call allocateCredit this function will add another indexlist if the user didnt exist in the first place. Lets say the time...
Looping over dynamic array might result in DoS through the block gas limit
Handle Ruhum Vulnerability details Impact Because of the block gas limit, looping over a dynamic array that grows over time might result in a DoS at some point. Both the PoolTemplate and the IndexTemplate have such dynamic arrays. Both don't have any functionality to decrease the size. Meaning, i...
Security Bulletin: Apache PDFBox Vulnerabilities Affect IBM Control Center (CVE-2021-31811, CVE-2021-31812)
Summary Apache PDFBox is vulnerable to denial of service due to possible out of memory or infinite looping conditions. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By...
Fedora: Security Advisory for gifsicle (FEDORA-2021-c351011066)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ROS-2-1166
2.1166 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...
ROS-2-457
2.457 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...
ROS-2-439
2.439 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...
The vulnerability of the DVMRP (Distance Vector Multicast Routing Protocol) implementation in Juniper Networks’ Junos OS-based QFX10K routers allows a attacker to cause service interruptions.
The vulnerability of the DVMRP Distance Vector Multicast Routing Protocol implementation in Juniper Networks’ Junos OS-based QFX10K routers stems from packet looping due to incorrect comparison of Ethernet segment identifiers. Exploiting this vulnerability can allow a malicious actor to cause...
GHSA-CWV3-863G-39VX Stack overflow due to looping TFLite subgraph
Impact TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For...
Stack overflow due to looping TFLite subgraph
Impact TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For...