90 matches found
Removing NFT could exceed block size limit
Handle Sherlock Vulnerability details Impact On line 129 it loops over all the NFTs stored in the contract. Although a break statement is included it can cause the transaction to run out of gas in case of an extreme amount of NFTs Proof of Concept N/A Tools Used Hardhat Recommended Mitigation Ste...
Design/Logic Flaw
An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE...
SUSE: Security Advisory (SUSE-SU-2019:0054-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2020-15114
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requestin...
VulnCheck KEV: CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work...
CVE-2020-5347
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses...
CVE-2019-16201
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network...
Code injection
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network...
CVE-2019-16201
CVE-2019-16201 affects Ruby’s WEBrick DigestAuth implementations across multiple Ruby branches (up to 2.4.7, 2.5.x up to 2.5.6, and 2.6.x up to 2.6.4). The issue is a regular-expression Denial of Service caused by backtracking in DigestAuth, requiring a WEBrick server exposed to the Internet or a...
CVE-2019-16201
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network...
CVE-2017-3140
CVE-2017-3140 describes an RPZ rule processing error in BIND that can cause named to enter an endless loop when handling a query. Affected BIND versions per sources include 9.9.10, 9.10.5, 9.11.0–9.11.1, 9.9.10-S1, 9.10.5-S1. Public advisories differ on impact to vendor products; F5 notes not aff...
SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0054-1)
This update for systemd fixes the following issues : Fix security vulnerabilities CVE-2018-16864 and CVE-2018-16865 bsc1120323: Both issues were memory corruptions via attacker-controlled alloca which could have been used to gain root privileges by a local attacker. Fix security vulnerability...
CVE-2017-2779
An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An...
CVE-2017-2779
An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An...
Debian DSA-3866-1 : strongswan - security update
Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project. - CVE-2017-9022 RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a...
strongswan -- Denial-of-service vulnerability in the x509 plugin
strongSwan security team reports: ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate...
CVE-2017-6214
A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...
CVE-2016-9372
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...
CVE-2016-9372
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...
Authenticated WMI Exec Via Powershell
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/powershell' require 'msf/core/post/windows/priv' require 'msf/core/exploit/powershell/dotnet' class MetasploitModule...