334 matches found
CVE-2023-30542
OpenZeppelin Contracts is a library for secure smart contract development. The proposal creation entrypoint propose in GovernorCompatibilityBravo allows the creation of proposals with a signatures array shorter than the calldatas array. This causes the additional elements of the latter to be...
CVE-2022-28937
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests...
CVE-2025-5002 SourceCodester Client Database Management System user_proposal_update_order.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userproposalupdateorder.php. The manipulation of the argument orderid leads to sql injection. It is possible to initiate the attack...
CVE-2025-46193
SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...
Denial Of Service (DoS)
github.com/cosmos/cosmos-sdk is vulnerable to Denial of Service. The vulnerability is due to improper proposal handling due to malicious proposals triggering errors in the module's end blocker, potentially resulting in a chain halt...
Linux Distros Unpatched Vulnerability : CVE-2024-49568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in...
Linux Distros Unpatched Vulnerability : CVE-2024-49571
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field...
GO-2025-3476 Cosmos SDK: Groups module can halt chain when handling a malicious proposal in github.com/cosmos/cosmos-sdk
Cosmos SDK: Groups module can halt chain when handling a malicious proposal in github.com/cosmos/cosmos-sdk...
Cosmos SDK: Groups module can halt chain when handling a malicious proposal
Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...
GHSA-X5VX-95H7-RV4P Cosmos SDK: Groups module can halt chain when handling a malicious proposal
Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Check smcdv2extoffset when receiving a proposal message. When receiving a proposal message from the server, the smcdv2extoffset field in the proposal message comes from the remote client, and cannot be fully trusted. Onc...
CVE-2024-49571
In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...
CVE-2024-49568
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...
CVE-2024-47408
In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...
SUSE CVE-2024-49568
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...
SUSE CVE-2024-49571
In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...
DEBIAN-CVE-2024-49571
In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...
CVE-2024-49568
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...
DEBIAN-CVE-2024-49568
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...
AZL-68541 CVE-2024-49568 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...