6 matches found
CVE-2023-27892
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...
CVE-2023-27892
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...
CVE-2023-27892
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-2300)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properl...
Design/Logic Flaw
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...
CVE-2016-10519
A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory...