Lucene search
K

82 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.27 views

FreeBSD : electron -- vulnerability (b09d77d0-b27c-48ae-b69b-9641bb68b39e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b09d77d0-b27c-48ae-b69b-9641bb68b39e advisory. - An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML...

6.5CVSS7.2AI score0.01013EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/01 12:0 a.m.39 views

Debian dla-3405 : libxml2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3405 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3405-1 [email protected]...

6.5CVSS7.3AI score0.01086EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2023/04/25 7:0 a.m.5 views

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document xmlDictComputeFastKey in dict.c can produce non-deterministic values leading to various logic and memory errors such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string and any value is possible (not solely the '\0' value).

...

6.5CVSS7.6AI score0.01013EPSS
Exploits0
OSV
OSV
added 2023/04/24 9:15 p.m.7 views

AZL-26282 CVE-2023-29469 affecting package libxml2 for versions less than 2.10.4-1

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.5CVSS6.8AI score0.01013EPSS
Exploits0References1
Prion
Prion
added 2023/04/24 9:15 p.m.23 views

Double free

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

4.3CVSS6.8AI score0.01013EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2023/04/24 12:0 a.m.7 views

CVE-2023-29469

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.4AI score0.01013EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2023/04/24 12:0 a.m.48 views

CVE-2023-29469

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.5CVSS6.9AI score0.01013EPSS
Exploits0
Cvelist
Cvelist
added 2023/04/24 12:0 a.m.26 views

CVE-2023-29469

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.9AI score0.01013EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.7 views

PT-2023-3193

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.10.4 Description The issue is related to the xmlDictComputeFastKey function in dict.c, which can produce non-deterministic values when hashing empty dict strings in a crafted XML document. This can lead to various...

10CVSS5.8AI score0.52063EPSS
Exploits20References136
Veracode
Veracode
added 2021/10/21 4:5 a.m.10 views

Consensus Halt

github.com/cosmos/cosmos-sdk encounters a consensus halt. An attacker with the ability to send transactions on any chain with the authz module enabled can halt that chain using many Grants, with different but close expiration times as it uses non-deterministic behaviour in a ValidateBasic method ...

6.5CVSS6.6AI score0.01658EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/10/20 6:15 p.m.18 views

CVE-2021-41135

The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includ...

6.5CVSS6.5AI score
Exploits0References3
NVD
NVD
added 2021/10/20 6:15 p.m.29 views

CVE-2021-41135

The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includ...

6.5CVSS0.01658EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/10/20 6:5 p.m.33 views

CVE-2021-41135 Authz Module Non-Determinism

The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includ...

6.5CVSS6.6AI score0.01658EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/20 12:0 a.m.4 views

Cosmos-SDK 代码问题漏洞

Cosmos-SDK is a framework for building blockchain applications in Golang. Cosmos-SDK suffers from a code issue vulnerability that stems from non-deterministic behavior of the ValidateBasic method in the x/authz module in the software, and affected versions of the SDK are prone to consensus stoppi...

6.5CVSS6.5AI score0.01658EPSS
Exploits1References4
NVD
NVD
added 2020/01/04 7:15 a.m.22 views

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

9.8CVSS9.5AI score0.03163EPSS
Exploits1References1
OSV
OSV
added 2020/01/04 7:15 a.m.17 views

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

9.8CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2020/01/04 7:15 a.m.18 views

Sql injection

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

7.5CVSS9.4AI score0.03163EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/01/04 6:5 a.m.179 views

CVE-2020-5499

Summary: CVE-2020-5499 affects Baidu Rust SGX SDK up to version 1.0.8, where an enclave ID race can yield non‑deterministic results in which two global IDs are the same. The linked records consistently describe this as the enclave ID race issue and reference Baidu Rust SGX SDK 1.0.8 and earlier. ...

9.8CVSS9.4AI score0.03163EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/04 6:5 a.m.25 views

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

9.5AI score0.03163EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.11 views

The vulnerability of the OpenSSL software allows a malicious attacker to compromise the confidentiality of protected information.

The vulnerability exists in the SSL protocol for OpenSSL due to the use of non-deterministic padding for CBC encryption block chaining of the encryption text. Exploiting this vulnerability allows a malicious actor to obtain unencrypted data by using a padding prediction attack, known as POODLE...

4.3CVSS6.5AI score0.99999EPSS
Exploits7References3Affected Software1
Rows per page
Query Builder