Lucene search
+L

65 matches found

Code423n4
Code423n4
added 2022/06/26 12:0 a.m.7 views

It's possible to perform DOS and fund lose in Stacking by transferring tokens directly to contract

Lines of code Vulnerability details Impact Function rebase in contract Staking calls Yieldy.rebaseprofit, and Yieldy.rebaseprofit, would revert if rebasingCredits / updatedTotalSupply was equal to 0. it's possible to transfer some STAKINGTOKEN directly to Stacking contract before or after...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/16 12:0 a.m.10 views

fund lose because of the direct funds transfer to vault address and cause big balance() to totalSupply() ratio and cause big division error in _mintSharesFor() (this is in previous contest scope)

Lines of code Vulnerability details Impact Attacker can cause balance / totalSupply ratio to go as high as he want and then because of rounding error in mintSharesFor lower amount of share would be mint for users. if totalSupply is 0 attacker can directly transfer tokens to contract address and...

6.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/14 2:8 a.m.26 views

Mercurial arbitrary code execution vulnerability

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

8.8CVSS8.2AI score0.04832EPSS
Exploits0References15Affected Software1
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.8 views

denial of service

Handle danb Vulnerability details on the first deposit, the total liquidity is set to nativeDeposit. this might be a very low number compared to foreignDeposit. It can cause a denial of service of the pair. Impact A pair can enter a denial of service state. Proof of Concept consider the following...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/16 12:0 a.m.7 views

_safeJoeTransfer doesn't refund users JOE incase of rounding error

Handle jayjonah8 Vulnerability details Impact In WJLP.sol a user can call the claimReward function to claim the JOE rewards they are owed. This eventually calls the safeJoeTransfer function which will check if the amount to send is greater than the joeBal of the contract. If the amount is greater...

7AI score
Exploits0
OSV
OSV
added 2021/05/21 2:22 p.m.28 views

GHSA-JFP7-4J67-8R3Q Heap buffer overflow caused by rounding

Impact An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements: python import tensorflow as tf l = 256, 328, 361, 17, 361, 361, 361, 361, 361, 361, 361, 361, 361...

2.5CVSS6AI score0.00251EPSS
Exploits1References7
PyPA
PyPA
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-166

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...

7.8CVSS7.6AI score0.00251EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2020/03/02 10:33 p.m.42 views

HackerOne: Rounding errors on rewarding a bounty leads to bypassing the 20% H1 commission fee

Summary: The team discovered a rounding error issue when rewarding hackers with a bounty. Through a series of micro-payments, a malicious program manager is able to pay a full amount to the hacker while evading the 20% H1 commission fee. Description: H1 has a system for awarding and paying hacker...

0.3AI score
Exploits0
NVD
NVD
added 2019/07/15 6:15 p.m.14 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

7.5CVSS7.7AI score0.01408EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

7.5CVSS5.5AI score0.01408EPSS
Exploits0References1
Prion
Prion
added 2019/07/15 6:15 p.m.23 views

Code injection

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

5CVSS7.7AI score0.01408EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2019/07/15 5:27 p.m.16 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

7.5CVSS7.7AI score0.01408EPSS
Exploits0
CVE
CVE
added 2019/07/15 5:27 p.m.47 views

CVE-2019-1010294

The CVE affects Linaro/OP-TEE OP-TEE 3.3.0 and earlier in optee_os due to a rounding error. Impact: potentially leaking code and/or data from a previous Trusted Application. Fixed in 3.4.0 and later. Remediation: upgrade to OP-TEE 3.4.0+ or apply equivalent fixes. Note: connected sources consiste...

7.5CVSS7.6AI score0.01408EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/15 5:27 p.m.18 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

7.7AI score0.01408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/07/15 12:0 a.m.8 views

PT-2019-11546

Name of the Vulnerable Software and Affected Versions: Linaro/OP-TEE versions prior to 3.4.0 Description: The issue is related to a rounding error in the optee os component, potentially leading to the leakage of code and/or data from previous Trusted Applications. Recommendations: For versions...

7.5CVSS7.3AI score0.01408EPSS
Exploits0References4
0day.today
0day.today
added 2017/05/25 12:0 a.m.57 views

Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine Exploit

Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1155 Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=6294 There is a heap overflow in SkARGB32ShaderBlitter::blitH caused by a rounding error in SkEdge::setLine. To...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/05/25 12:0 a.m.364 views

Skia Graphics Library Heap Overflow

Skia Graphics Library: heap overflow due to rounding error in SkEdge::setLine Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=6294 There is a heap overflow in SkARGB32ShaderBlitter::blitH caused by a rounding error in SkEdge::setLine. To trigger the bug Skia needs to be compiled with...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/05/25 12:0 a.m.31 views

Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine

Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1155 Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=6294 There is a heap overflow in SkARGB32ShaderBlitter::blitH caused by a rounding...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/25 12:0 a.m.26 views

Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1155 Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=6294 There is a heap overflow in SkARGB32ShaderBlitter::blitH caused by a rounding error in SkEdge::setLine. To trigger the bug Skia needs to be compiled with...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/05/23 12:0 a.m.55 views

Apple iOS / macOS - NSKeyedArchiver Heap Corruption Due to Rounding Error in TIKeyboardLayout initWi

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1172 Using lldb inside a simple helloworld app for iOS we can see that there are over 600 classes which we could get deserialized for persistance for example. The TextInput...

7.5CVSS8.8AI score0.06725EPSS
Exploits3
Rows per page
Query Builder