GHSA-F67Q-WR6W-23JQ Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects

A wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Details Boa's implementation of AsyncGenerator makes the assumption that the state of an AsyncGenerator object cannot change while resolving a promise created by method...

RHEL 6 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: integer overflow flaws in libgfortran CVE-2014-5044 - Integer overflow in the new operator in gcc...

OSV-2024-504 Heap-buffer-overflow in ultrahdr::getYuv420Pixel

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69101 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv420Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...

CVE-2024-5112

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/studentprofile.php. The manipulation of the argument stdindex leads to sql injection. The attack can be initiated...

Complete Web-Based School Management System SQL注入漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Web-Based School Management System version 1.0, which originates from an unknown function in /view/studentprofile.php that...

OSV-2024-476 Heap-buffer-overflow in ultrahdr::getYuv420Pixel

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68946 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv420Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...

CVE-2024-4648

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /view/studentexammarkupdateform.php. The manipulation of the argument stdindex leads to cross site scripting...

Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which originates from a cross-site scripting vulnerability in...

OSV-2024-330 UNKNOWN READ in std::__1::__POW10_SPLIT_2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67360 Crash type: UNKNOWN READ Crash state: std::1::POW10SPLIT2...

abstract-account-factory (>=0.13.0 <=0.16.1), abstract-adapter-utils (>=0.16.0 <=0.19.2) +414 more potentially affected by CVE-2024-58263 via cosmwasm-std (=1.3.4)

cosmwasm-std CARGO version =1.3.4 is affected by a known vulnerability. The following packages have a transitive dependency on cosmwasm-std and may be impacted: - abstract-account-factory =0.13.0, =0.16.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0-beta.4, =0.2.0-beta.4, =0.13.0, =0.16.5, =0.2.0-beta.4,...

RUSTSEC-2024-0338 Arithmetic overflows in cosmwasm-std

Some mathematical operations in cosmwasm-std use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations. Affected functions: - Uint256,512::pow / Int256,512::pow - Int256,512::neg Affected if overflow-checks ...

PT-2025-31019 · Unknown · Cosmwasm-Std

Name of the Vulnerable Software and Affected Versions: cosmwasm-std crate versions prior to 2.0.2 Description: The cosmwasm-std crate contains an integer overflow issue that can lead to incorrect contract calculations. Recommendations: Update to version 2.0.2 or later...

PT-2024-5911 · Rust +1 · Rust +1

Name of the Vulnerable Software and Affected Versions: Rust affected versions not specified Description: The issue is related to the std::process::Command component of the Rust programming language on Windows operating systems. It involves the injection or modification of arguments, potentially...

CVE-2023-31854

std::badalloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...

CVE-2023-31854

CVE-2023-31854 concerns Precomp 0.4.8, where the program mishandles std::bad_alloc. The description notes that this is disputed and should be categorized as a usability problem, which is reflected across multiple sources (NVD/Red Hat/CVE listings). The connected documents confirm the affected com...

Updated qpdf packages fix security vulnerability

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h. CVE-2024-24246...

BIT-TENSORFLOW-2021-41220 Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

Buffer Overflow

Qpdf is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper handling in the std::sharedcount function at /bits/sharedptrbase.h, allowing attackers to crash the application by exploiting the heap buffer overflow...

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h...

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h...