Lucene search
+L

265 matches found

code423n4
code423n4
added 2023/06/12 12:0 a.m.13 views

The initial total supply of the role can be miscalculated in some cases

Lines of code Vulnerability details Impact Due to miscalculations during LlamaPolicy contract deployment the initial supply of the role can be set wrongly. And most of strategies will not work as intended. Moreover users will not be able to start an Action for some strategies as well. Proof of...

6.7AI score
Exploits0
nvd
nvd
added 2023/06/07 9:15 a.m.28 views

CVE-2023-30575

Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data...

7.5CVSS6.9AI score0.01149EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2023/06/07 9:15 a.m.36 views

CVE-2023-30575

Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data...

7.5CVSS7.1AI score0.01149EPSS
Exploits0References2
redos
redos
added 2023/03/15 12:0 a.m.33 views

ROS-20230315-01

Vulnerability in Mozilla Thunderbird email client related to notifications that are not displayed, when the browser is in full screen mode, allowing an attacker to trick the victim into visiting a malicious website and performing a spoofing attack. to visit a malicious website and perform a...

8.8CVSS7.6AI score0.00817EPSS
Exploits0
osv
osv
added 2023/03/04 4:15 p.m.5 views

AZL-25355 CVE-2023-1175 affecting package vim for versions less than 9.0.1402-1

Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378...

6.6CVSS7.2AI score0.00438EPSS
Exploits1References1
redhat
redhat
added 2023/02/20 12:21 p.m.7 views

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

8.8CVSS7.3AI score0.00737EPSS
Exploits0References6
redhat
redhat
added 2023/02/20 12:15 p.m.4 views

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

8.8CVSS7.3AI score0.00737EPSS
Exploits0References6
redhat
redhat
added 2023/02/20 8:27 a.m.6 views

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

8.8CVSS7.3AI score0.00737EPSS
Exploits0References6
redhat
redhat
added 2023/02/20 8:23 a.m.5 views

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

8.8CVSS7.3AI score0.00737EPSS
Exploits0References6
susecve
susecve
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-4251

Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length...

7.5CVSS8.2AI score0.08437EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2006-7230

Perl-Compatible Regular Expression PCRE library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the 1 -x or 2 -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service PCRE or...

4.3CVSS6.8AI score0.01666EPSS
Exploits0References6
susecve
susecve
added 2023/02/15 4:56 a.m.4 views

SUSE CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging IDT entry miscalculation...

5.5CVSS8.6AI score0.0039EPSS
Exploits0References7
code423n4
code423n4
added 2023/02/07 12:0 a.m.20 views

Incorrect computation in MultiRewardStaking changeRewardSpeed() leads to loss of rewards

Lines of code Vulnerability details Impact The changeRewardSpeed function computes rewardsEndTimestamp incorrectly for the case block.timestamp block.timestamp ? prevEndTime : block.timestamp.safeCastTo32, rewardsPerSecond, remainder If the prevEndTime block.timestamp then it can be reduced to...

6.7AI score
Exploits0
code423n4
code423n4
added 2023/02/03 12:0 a.m.29 views

Solmate safeTransfer and safeTansferFrom does not check the code size of the token address

Lines of code Vulnerability details Impact The safeTransfer and safeTransferFrom don't check the existence of code at the token address. This is a known issue while using solmate's libraries. Hence this may lead to miscalculation of funds and may lead to loss of funds, because if safeTransfer and...

7.1AI score
Exploits0
code423n4
code423n4
added 2022/12/12 12:0 a.m.11 views

Storage collision in Collateral.sol

Lines of code Vulnerability details Vulnerability details collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...

6.6AI score
Exploits0
code423n4
code423n4
added 2022/11/28 12:0 a.m.7 views

Potential PirexReward's producerTokens's rewardToken unsynced with PirexGmx rewardToken can miss calculate the actual reward for user

Lines of code Vulnerability details Impact Potential PirexReward's producerTokens's rewardToken unsynced with PirexGmx rewardToken can miss calculate the actual reward for user Proof of Concept PirexReward initialization does not include rewardToken initialization for producerTokens. Meanwhile...

6.8AI score
Exploits0
code423n4
code423n4
added 2022/11/08 12:0 a.m.15 views

Solmate safetransfer and safetransferfrom doesnot check the codesize of the token address, which may lead to fund loss

Lines of code Vulnerability details Impact In bid function, the safetransferfrom function doesn't check the existence of code at the token address. This is a known issue while using solmate's libraries. Hence this may lead to miscalculation of funds and may lead to loss of funds , because if...

7AI score
Exploits0
code423n4
code423n4
added 2022/11/08 12:0 a.m.14 views

Solmate's safeTransfer function does not check the existence of the contract

Lines of code Vulnerability details Impact Miscalculation of transferred funds and finally, loss of funds Proof of Concept Solmate's safeTransfer and safeTransferFrom functions do not check the ext code size of the address of the recipient and so, it may lead to a miscalculation of funds as it...

7AI score
Exploits0
code423n4
code423n4
added 2022/10/25 12:0 a.m.18 views

LayerZeroModule miscalculates gas, risking loss of assets

Lines of code Vulnerability details Description Holograph gets it's cross chain messaging primitives through Layer Zero. To get pricing estimate, it uses the DstConfig price struct exposed in LZ's RelayerV2 The issue is that the important baseGas and gasPerByte configuration parameters, which are...

6.8AI score
Exploits0
code423n4
code423n4
added 2022/10/23 12:0 a.m.5 views

Outstanding reserved tokens are incorrectly counted in total redemption weight

Lines of code Vulnerability details Impact The amounts redeemed in overflow redemption can be calculated incorrectly due to incorrect accounting of the outstanding number of reserved tokens. Proof of Concept Project contributors are allowed to redeem their NFT tokens for a portion of the overflow...

7AI score
Exploits0
Rows per page
Query Builder