Lucene search
K

90 matches found

Code423n4
Code423n4
added 2022/07/08 12:0 a.m.7 views

Attacker can frontrun and reenter this function causing users to get griefed

Lines of code Vulnerability details Impact 1. attacker calls createFor and there is reentracy in safemint and an attacker can reenter and just keep increasing count just a side note 2. but what an attacker can do is when a user wants to call this function or launch a project an attacker frontruns...

6.7AI score
Exploits0
OSV
OSV
added 2022/06/28 8:20 p.m.10 views

GSD-2022-1004089 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.317 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 8:11 p.m.11 views

GSD-2022-1004008 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.282 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 8:1 p.m.12 views

GSD-2022-1003914 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.246 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 7:48 p.m.11 views

GSD-2022-1003787 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.197 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 7:34 p.m.9 views

GSD-2022-1003644 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.120 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 6:23 p.m.13 views

GSD-2022-1002850 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.2 by commit...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.21 views

execute() and executeWithBatch1155() functions are susceptible to DoS

Lines of code Vulnerability details Impact execute and executeWithBatch1155 are external functions. Both functions run for loops, boundary of which are determined by the function arguments. Anytime there's a loop where the input comes from an external source there's the possibility of unbounded...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/31 12:0 a.m.9 views

execute() and executeWithBatch1155() functions are susceptible to DoS

Lines of code Vulnerability details Impact execute and executeWithBatch1155 are external functions. Both functions run for loops, boundary of which are determined by the function arguments. Anytime there's a loop where the input comes from an external source there's the possibility of unbounded...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/05/30 12:0 a.m.10 views

The vulnerability of the PJSIP multimedia communication library, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.

The vulnerability of the PJSIP multimedia communication library lies in the execution of a loop with an unavailable exit condition during the processing of WAV/AVI files. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS7.3AI score0.01779EPSS
Exploits0References8Affected Software4
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.8 views

Looping from a long list of storage can impact other people paying more gas than it used to

Handle Fitraldys Vulnerability details Impact In the it will loop through an entire indexList array this doesnt immedietely impact other user, however when there is many user call allocateCredit this function will add another indexlist if the user didnt exist in the first place. Lets say the time...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.10 views

Looping over dynamic array might result in DoS through the block gas limit

Handle Ruhum Vulnerability details Impact Because of the block gas limit, looping over a dynamic array that grows over time might result in a DoS at some point. Both the PoolTemplate and the IndexTemplate have such dynamic arrays. Both don't have any functionality to decrease the size. Meaning, i...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/13 10:27 p.m.43 views

Security Bulletin: Apache PDFBox Vulnerabilities Affect IBM Control Center (CVE-2021-31811, CVE-2021-31812)

Summary Apache PDFBox is vulnerable to denial of service due to possible out of memory or infinite looping conditions. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By...

5.5CVSS1.8AI score0.03445EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.19 views

Fedora: Security Advisory for gifsicle (FEDORA-2021-c351011066)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.01605EPSS
Exploits1References2
Redos
Redos
added 2021/09/08 12:0 a.m.24 views

ROS-2-1166

2.1166 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

9.8CVSS7.5AI score0.04006EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.30 views

ROS-2-457

2.457 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.2AI score0.03155EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.38 views

ROS-2-439

2.439 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

6.1CVSS7.4AI score0.04006EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/08/27 12:0 a.m.5 views

The vulnerability of the DVMRP (Distance Vector Multicast Routing Protocol) implementation in Juniper Networks’ Junos OS-based QFX10K routers allows a attacker to cause service interruptions.

The vulnerability of the DVMRP Distance Vector Multicast Routing Protocol implementation in Juniper Networks’ Junos OS-based QFX10K routers stems from packet looping due to incorrect comparison of Ethernet segment identifiers. Exploiting this vulnerability can allow a malicious actor to cause...

6.1CVSS6.3AI score0.01097EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/05/21 2:26 p.m.4 views

GHSA-CWV3-863G-39VX Stack overflow due to looping TFLite subgraph

Impact TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For...

7.3CVSS5.8AI score0.00262EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2021/05/21 2:26 p.m.53 views

Stack overflow due to looping TFLite subgraph

Impact TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For...

7.8CVSS0.8AI score0.00262EPSS
Exploits1References9Affected Software3
Rows per page
Query Builder