109 matches found
Vyper Input Validation Error Vulnerability
Vyper is the Pythonic smart contract language for EVM. An input validation error vulnerability exists in versions of Vyper prior to 0.3.8, which stems from a lack of overflow checking for cyclic variables...
GSD-2022-1006810 usb: gadget: f_fs: stricter integer overflow checks
usb: gadget: f_fs: stricter integer overflow checks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
kernel: ALSA: oss: Fix PCM OSS buffer allocation overflow
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INT_MAX overflow at vmalloc allocation that is called from snd_pcm_plug_alloc. Although we apply the restrictions to input parameters, it's based only...
Using StableMath and SafeCast
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. import "@openzeppelin/contracts/utils/math/SafeCast.sol"; Wrappers over Solidity’s uintXX/intXX casting operators with added overflow checks. Downcasting from uint256/int256 in Solidity does not revert ...
Possible casting overflow in _updateAccounting function
Lines of code Vulnerability details Impact In the _updateAccounting function, the inkOut and artIn parameters are cast from type uint256 to uint128. However, since the explicit cast does not ensure the value fits the uint128 data type, i.e., not ensuring value <= type(uint128).max, casting overflows a...
SUSE: Security Advisory (SUSE-SU-2017:3441-1)
The remote host is missing an update for the...
GSD-2021-1000368 io_uring: fix overflows checks in provide buffers
io_uring: fix overflows checks in provide buffers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc...
Huawei EulerOS: Security Advisory for p11-kit (EulerOS-SA-2021-1161)
The remote host is missing an update for the Huawei EulerOS...
ALPINE-CVE-2020-29361
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc...
CVE-2020-29361
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc...
SUSE-SU-2020:2074-1 Security update for grub2
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 bsc1168994 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 - Fix for CVE-2020-15706 bsc1174463 - Fix for CVE-2020-15707 bsc1174570 - Use overflow checking primitives where the arithmetic...
openSUSE: Security Advisory for libredwg (openSUSE-SU-2020:0068_1)
The remote host is missing an update for the...
OPENSUSE-SU-2020:0095-1 Security update for libredwg
This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: Added the -x,--extnames option to dwglayers for r13-r14 DWGs. Fixed some leaks: SORTENTSTABLE, PROXYENTITY.ownerhandle for r13. Add DICTIONARY.itemhandles for r13 and r14. Fixed some dwglayers null pointer...
Security update for libredwg (moderate)
openSUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2020:0095-1 Rating: moderate References: 1129868 1129869 1129870 1129873 1129874 1129875 1129876 1129878 1129879 1129881 1154080 1159824 1159825 1159826 1159827 1159828 1159831 1159832 Cross-References:...
OPENSUSE-SU-2020:0068-1 Security update for libredwg
This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: Added the -x,--extnames option to dwglayers for r13-r14 DWGs. Fixed some leaks: SORTENTSTABLE, PROXYENTITY.ownerhandle for r13. Add DICTIONARY.itemhandles for r13 and r14. Fixed some dwglayers null pointer...
UBUNTU-CVE-2019-14973
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...
spice-gtk: Remote code execution
Background spice-gtk is a set of GObject and Gtk objects for connecting to Spice servers and a client GUI. Description A vulnerability was found in spice-gtk client due to the incorrect use of integer types and missing overflow checks. Impact An attacker, by enticing the user to join a malicious...
openSUSE Security Update : gdk-pixbuf (openSUSE-2017-1426)
This update for gdk-pixbuf provides the following fixes : - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader bsc1053417 - Adds support for BMPv3 with bitmasks bsc1053417 This update was imported from the SUSE:SLE-12-SP2:Update update...
SUSE-SU-2017:3441-1 Security update for gdk-pixbuf
This update for gdk-pixbuf provides the following fixes: - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader bsc1053417 - Adds support for BMPv3 with bitmasks bsc1053417...