CVE-2025-62492

A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf when a negative fromIndex argument is supplied. The fromIndex argument read as a double variable, $d$ is used to calculate the starting position f...

EUVD-2018-17916

Malware in sbrugna...

Arthimetic operation result in loss of voting power

Lines of code Vulnerability details Impact Carrying out calculation of voting power in function finalize based on division with value 1e4, then subtracting it with totalContributions and after that multiplying and dividing again will be a resultant that cause large precision error or even loss of...

GeVault LP calculations do not use scaling and are vulnerable to deposit attacks

Lines of code Vulnerability details Impact Currently, getTVL counts all token balances in GeVault, and attackers can manipulate getTVL to implement deposit attacks. Secondly, since the calculation of LP does not use scaling, because there is a precision error in the division, the cost for the...

Wrong calculation of elapsed days

Lines of code Vulnerability details Impact For a certain period of time, the dailyIr is compounded every day. However, when calculating prevClosePrice, the last day's addition is missed. The formula for calculating the current price is as follows: Range.dailyInterestRate Days Elapsed + 1...

Potential Early Exploit in Morho-Aave ERC4626 Implementation

Lines of code Vulnerability details Impact The issue discovered can be exploited when a vault is initially empty. A malicious actor could frontrun a legitimate user's deposit, contributing a negligible amount to the vault. This allows the actor to own shares while the total asset in the vault is...

There is a large precision error in sqrt calculation of lp

Lines of code Vulnerability details Impact Compared with div, there is a larger precision error in calculating lp through sqrt, so there should be a way to check whether there are excess tokens left when adding liquidity. Proof of Concept function testCalcLpTokenSupplyDiff public uint256 memory...

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows Exploit

I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...

CVE-2018-6153

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6153

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6153

CVE-2018-6153 is a buffer/precision error in the Skia library used by Google Chrome prior to 68.0.3440.75. The issue allows a remote attacker who has already compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page, enabling potential arbitrary code execut...

CVE-2018-6126

CVE-2018-6126 is a Skia-related heap/buffer overflow in Google Chrome prior to 67.0.3396.62. A precision error in Skia could allow a remote attacker to perform an out-of-bounds memory write via a crafted HTML page, enabling potential arbitrary code execution. Publicly, this vulnerability is track...

CVE-2018-6153

Removed by vendor...

Skia - Heap Overflow in SkScan::FillPath due to Precision Error

Skia - Heap Overflow in SkScan::FillPath due to Precision Error There is a heap overflow in Skia when drawing paths with antialiasing turned off. This issue can be triggered in both Google Chrom and Mozilla Firefox by rendering a specially crafted SVG image. PoCs for both browsers are attached...

Skia - Heap Overflow in SkScan::FillPath due to Precision Error Vulnerability

Exploit for multiple platform in category dos / poc There is a heap overflow in Skia when drawing paths with antialiasing turned off. This issue can be triggered in both Google Chrom and Mozilla Firefox by rendering a specially crafted SVG image. PoCs for both browsers are attached. Details: When...

Skia - Heap Overflow in SkScan::FillPath due to Precision Error

There is a heap overflow in Skia when drawing paths with antialiasing turned off. This issue can be triggered in both Google Chrom and Mozilla Firefox by rendering a specially crafted SVG image. PoCs for both browsers are attached. Details: When Skia fills a path with antialiasing turned off,...

CVE-2018-6153

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...