Lucene search
K

334 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:43 a.m.9 views

CVE-2023-30542

OpenZeppelin Contracts is a library for secure smart contract development. The proposal creation entrypoint propose in GovernorCompatibilityBravo allows the creation of proposals with a signatures array shorter than the calldatas array. This causes the additional elements of the latter to be...

8.8CVSS6.9AI score0.00584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.7 views

CVE-2022-28937

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests...

7.5CVSS7.3AI score0.0112EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/20 10:0 p.m.7 views

CVE-2025-5002 SourceCodester Client Database Management System user_proposal_update_order.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userproposalupdateorder.php. The manipulation of the argument orderid leads to sql injection. It is possible to initiate the attack...

7.5CVSS7.3AI score0.00421EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/11 12:15 a.m.24 views

CVE-2025-46193

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...

9.8CVSS7.6AI score0.00607EPSS
Exploits0References1
Veracode
Veracode
added 2025/03/20 10:8 a.m.9 views

Denial Of Service (DoS)

github.com/cosmos/cosmos-sdk is vulnerable to Denial of Service. The vulnerability is due to improper proposal handling due to malicious proposals triggering errors in the module's end blocker, potentially resulting in a chain halt...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-49568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in...

5.5CVSS6.8AI score0.00212EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-49571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field...

5.5CVSS6.8AI score0.00214EPSS
Exploits0References3
OSV
OSV
added 2025/03/03 4:11 p.m.5 views

GO-2025-3476 Cosmos SDK: Groups module can halt chain when handling a malicious proposal in github.com/cosmos/cosmos-sdk

Cosmos SDK: Groups module can halt chain when handling a malicious proposal in github.com/cosmos/cosmos-sdk...

7.1AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/02/20 8:18 p.m.13 views

Cosmos SDK: Groups module can halt chain when handling a malicious proposal

Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...

6.8AI score
Exploits0References5Affected Software1
OSV
OSV
added 2025/02/20 8:18 p.m.5 views

GHSA-X5VX-95H7-RV4P Cosmos SDK: Groups module can halt chain when handling a malicious proposal

Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.15, = 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups...

8.7CVSS6.8AI score
Exploits0References5
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check smcdv2extoffset when receiving a proposal message. When receiving a proposal message from the server, the smcdv2extoffset field in the proposal message comes from the remote client, and cannot be fully trusted. Onc...

5.5CVSS6.2AI score0.00218EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/01/13 11:28 a.m.16 views

CVE-2024-49571

In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...

5.5CVSS6.8AI score0.00214EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/01/13 9:53 a.m.11 views

CVE-2024-49568

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...

5.5CVSS6.8AI score0.00212EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/01/13 6:20 a.m.8 views

CVE-2024-47408

In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...

5.5CVSS6.8AI score0.00218EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/12 12:17 a.m.8 views

SUSE CVE-2024-49568

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...

6.3CVSS7.8AI score0.00212EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2025/01/12 12:17 a.m.5 views

SUSE CVE-2024-49571

In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...

6.3CVSS6.7AI score0.00214EPSS
Exploits0References16
OSV
OSV
added 2025/01/11 1:15 p.m.2 views

DEBIAN-CVE-2024-49571

In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving proposal msg in server, the field ipareaoffset and the field ipv6prefixescnt in proposal msg are from the remote client and can not be ful...

5.5CVSS5.7AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/01/11 1:15 p.m.7 views

CVE-2024-49568

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...

5.5CVSS0.00212EPSS
Exploits0References3
OSV
OSV
added 2025/01/11 1:15 p.m.5 views

DEBIAN-CVE-2024-49568

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...

5.5CVSS5.7AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2025/01/11 1:15 p.m.7 views

AZL-68541 CVE-2024-49568 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...

5.5CVSS6.5AI score0.00212EPSS
Exploits0References1
Rows per page
Query Builder