130 matches found
CVE-2024-50092 net: netconsole: fix wrong warning
In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the next iteration. Current warning message:...
The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation.
...
CVE-2024-46730 drm/amd/display: Ensure array index tg_inst won't be -1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tginst won't be -1 WHY & HOW tginst will be a negative if timinggeneratorcount equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...
GO-2024-2529 Etcd embed auto compaction retention negative value causing a compaction loop or a crash in go.etcd.io/etcd
Etcd embed auto compaction retention negative value causing a compaction loop or a crash in go.etcd.io/etcd...
CVE-2024-36734
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting a negative value into the dim parameter...
CVE-2024-36734
CVE-2024-36734 involves OneFlow-Inc. Oneflow v0.9.1, with an improper input validation in the dim parameter that can be exploited to cause a Denial of Service. The vulnerability is described across multiple sources as a DoS triggered by negative input values for dim, leading to availability impac...
CVE-2024-36737
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting a negative value into the oneflow.full parameter...
CVE-2024-36737
CVE-2024-36737 affects Oneflow v0.9.1 from OneFlow-Inc, with an improper input validation flaw in the oneflow.full parameter that can cause a Denial of Service. The issue is documented across multiple sources; the core detail is that a negative value input triggers DoS. Exploitation details are n...
SUSE CVE-2021-47511
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with sizet. Due to that, a to...
UBUNTU-CVE-2023-52810
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
CVE-2023-52810 fs/jfs: Add check for negative db_l2nbperpage
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
GHSA-PM3M-32R3-7MFH Etcd embed auto compaction retention negative value causing a compaction loop or a crash
Impact Data Validation Detail The parseCompactionRetention function in embed/etcd.go allows the retention variable value to be negative and causes the node to execute the history compaction in a loop, taking more CPU than usual and spamming logs. References Find out more on this vulnerability in...
Etcd embed auto compaction retention negative value causing a compaction loop or a crash
Impact Data Validation Detail The parseCompactionRetention function in embed/etcd.go allows the retention variable value to be negative and causes the node to execute the history compaction in a loop, taking more CPU than usual and spamming logs. References Find out more on this vulnerability in...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read when processing ogg vorbis files using the DECODE macro. An attacker can leak internal memory allocation information by crafting a file that triggers an out-of-bounds read when var is negative. Remediation There is no...
left shift of negative value in scene_manager/swf_parse.c:213:12
Description left shift of negative value in MP4Box Version $ ./bin/gcc/MP4Box -version MP4Box - GPAC version 2.3-DEV-revrelease c 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC...
Unsafe typecasting can lead to tokens being locked in the contract
Lines of code Vulnerability details Impact In the createLock function the amount is calculated by casting the uint256 value to int128 in an unsafe way. Specifically the locked.amount is calculated as: locked.amount += int128int256value; could result in a negative value for locked.amount. For...
PT-2023-23586 · Pimcore · Pimcore/Customer-Management-Framework-Bundle
Name of the Vulnerable Software and Affected Versions: pimcore/customer-management-framework-bundle versions prior to 3.3.9 Description: The Customer Management Framework CMF for Pimcore has a business logic error in the Conditions tab, where the counter can be a negative number, leading to unlog...
SUSE CVE-2003-0721
Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...
SUSE CVE-2007-6036
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service daemon crash via a short RTSP query, which causes a negative number to be used during memory allocation...
SUSE CVE-2016-9820
libavcodec/mpegvideomotion.c in libav 11.8 allows remote attackers to cause a denial of service crash via vectors involving left shift of a negative value...