CVE-2024-32481 vyper's range(start, start + N) reverts for negative numbers

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form rangestart, start + N, if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...

CVE-2024-32481

Vyper (Pythonic EVM language) is affected by CVE-2024-32481 in versions from 0.3.8 up to, but not including, 0.4.0b1. The vulnerability arises when looping with range(start, start + N) where start is negative; an incorrect assertion in the code generation of the range statement (stmt.parse_For_ra...

CVE-2024-24563

CVE-2024-24563 affects Vyper, where arrays can be indexed by signed integers even though defined for unsigned indices. The typechecker permits signed integers as array indexes, and with very large arrays, bounds checks can pass for negative values, leading to potential unpredictable behavior, acc...

kernel: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

Denial Of Service (DoS)

libsndfile.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a signed integer overflow in the mat4readheader function of mat4.c, which allows an attacker to cause an application crash...

signed integer overflow in filters/mux_isom.c:5716:20

Description The signed integer overflow in MP4Box, and the program will eventually crash due to double-free,. It is uncertain whether the signed integer overflow is directly related to double-free Version $ ./bin/gcc/MP4Box -version MP4Box - GPAC version 2.3-DEV-revrelease c 2000-2023 Telecom Par...

SUSE CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

AZL-27647 CVE-2022-33065 affecting package libsndfile for versions less than 1.0.31-3

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

UBUNTU-CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

libsndfile 输入验证错误漏洞

libsndfile is an AC library for reading and writing sound files containing sampled audio data. A security vulnerability exists in Libsndfile version 1.1.0, which originates from multiple signed integer overflows in the aureadheader function in src/au.c, and in the mat4open and mat4readheader...

NewStart CGSL CORE 5.05 / MAIN 5.05 : expat Multiple Vulnerabilities (NS-SA-2023-0028)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...

SUSE CVE-2018-14343

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...

SUSE CVE-2020-26682

In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...

SA45038 - CVE-2022-23852 - Expat (AKA Libexpat) Before 2.4.4 Has a Signed Integer Overflow in XML_GetBuffer, for Configurations With a Nonzero XML_CONTEXT_BYTES

A vulnerability has been reported on the 23rd of Jan 2022 under https://nvd.nist.gov/vuln/detail/CVE-2022-23852 Description: Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. Related link:...

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...