Lucene search
K

82 matches found

Veracode
Veracode
added 2025/03/19 7:55 a.m.8 views

Denial Of Service

IBC-Go is vulnerable to Denial Of Service. The vulnerability is due to improper handling of JSON unmarshalling for IBC Acknowledgements, allows an attacker to trigger a denial-of-service DoS condition and leads to non-deterministic behavior that can halt the chain...

7AI score
Exploits0
OSV
OSV
added 2025/03/18 3:59 p.m.14 views

GO-2025-3517 Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go

Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go...

7.1AI score
Exploits0References3
Snyk
Snyk
added 2025/03/12 7:29 p.m.3 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization process of acknowledgments, leading to non-deterministic behavior that can halt a blockchain network. Note: This is only exploitable if the attacker has the...

9.6CVSS7AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/11 9:54 p.m.10 views

cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Description An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This an upstream dependency used in cheqd-node, rather than a custom...

7AI score
Exploits0References5Affected Software1
Veracode
Veracode
added 2025/03/06 9:20 a.m.7 views

Denial Of Service (DoS)

github.com/cosmos/ibc-go is vulnerable to Denial Of Service DoS. The vulnerability is due to improper deserialization of IBC acknowledgements, allowing an attacker to halt the chain by introducing a non-deterministic state...

7AI score
Exploits0
OSV
OSV
added 2025/03/05 3:55 p.m.7 views

GO-2025-3494 IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go

IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/02/28 5:46 p.m.52 views

IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Name: ASA-2025-004: Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt Component: IBC-Go Criticality: Critical Considerable Impact; Almost Certain Likelihood per ACMv1.2 Affected versions: IBC-Go = v7; Earlier IBC-Go versions may also be affected. Affected user...

7AI score
Exploits0References4Affected Software8
OSV
OSV
added 2025/02/28 5:46 p.m.16 views

GHSA-JG6F-48FF-5XRW IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Name: ASA-2025-004: Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt Component: IBC-Go Criticality: Critical Considerable Impact; Almost Certain Likelihood per ACMv1.2 Affected versions: IBC-Go = v7; Earlier IBC-Go versions may also be affected. Affected user...

9.3CVSS7AI score
Exploits0References4
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

UBUNTU-CVE-2022-49698

In the Linux kernel, the following vulnerability has been resolved: netfilter: use getrandomu32 instead of prandom bh might occur while updating per-cpu rndstate from user context, ie. localout path. BUG: using smpprocessorid in preemptible 00000000 code: nginx/2725 caller is...

7.8CVSS6AI score0.0029EPSS
Exploits0References14
OSV
OSV
added 2024/08/30 5:18 p.m.12 views

GO-2024-3081 CWA-2024-006: wasmd non-deterministic module_query_safe query in github.com/CosmWasm/wasmd

CWA-2024-006: wasmd non-deterministic modulequerysafe query in github.com/CosmWasm/wasmd...

7.1AI score
Exploits0References3
Veracode
Veracode
added 2024/08/22 9:25 a.m.4 views

Improper Validation Of Non-deterministic Behavior

github.com/cosmwasm/wasmd is vulnerable to Improper validation of non-deterministic behavior. The vulnerability is due to the incorrect marking of the SmartContractState query as safe, which may cause non-deterministic outcomes across different nodes. Attackers can potentially exploit this...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2024/08/22 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2282)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.4AI score0.01086EPSS
Exploits1References2
OSV
OSV
added 2024/08/21 6:33 p.m.4 views

GHSA-FPGJ-CR28-FVPX CWA-2024-006: wasmd non-deterministic module_query_safe query

Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...

7.2AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/08/21 6:33 p.m.9 views

CWA-2024-006: wasmd non-deterministic module_query_safe query

Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...

7.2AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/08/21 12:0 a.m.10 views

CWA-2024-006: wasmd non-deterministic module_query_safe query

Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...

7.2AI score
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2024/08/12 10:18 a.m.17 views

The AI Hangover is Here – The End of the Beginning

After a good year of sustained exuberance, the hangover is finally here. It's a gentle one for now, as the market corrects the share price of the major players like Nvidia, Microsoft, and Google, while other players reassess the market and adjust priorities. Gartner calls it the trough of...

6.3AI score
Exploits0
OSV
OSV
added 2024/06/06 4:56 p.m.6 views

CLSA-2024-1717692967 libxml2: Fix of 2 CVEs

CVE-2023-29469: dict.c: fix non-deterministic hashing of empty dict strings - CVE-2023-28484: fix NULL pointer dereferences in xmlSchemaFixupComplexType and xmlSchemaCheckCOSSTDerivedOK...

6.5CVSS6.8AI score0.01086EPSS
Exploits1References1
Veracode
Veracode
added 2024/06/06 4:12 a.m.19 views

Out-of-Bounds-Read

org.iq80.snappy: snappy is vulnerable to Out-of-Bounds-Read. The vulnerability is due to the usage of the JDK class sun.misc.Unsafe to speed up memory access without performing additional bounds checks, which can result in non-deterministic behavior or a JVM crash...

5.3CVSS6.6AI score0.00487EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2024/06/05 1:33 p.m.35 views

CVE-2024-36124

A flaw was found in the iq80 Snappy compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed, and thi...

5.3CVSS5.4AI score0.00487EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/03 2:25 p.m.32 views

CVE-2024-36124 iq80 Snappy has an out-of-bounds read when uncompressing data, leading to JVM crash

iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar securi...

5.3CVSS5.2AI score0.00487EPSS
Exploits0References1
Rows per page
Query Builder