
954 matches found

ATTACKERKB
added 2022/08/31 5:15 p.m., 3 views

CVE-2022-38152

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct...

7.5 CVSS, 7.1 AI score, 0.01911 EPSS
Exploits: 2, References: 8
Code423n4
added 2022/08/27 12:0 a.m., 7 views

Storage layout collision issue between NounsDAOStorageV1 and NounsDAOStorageV1Adjusted

Lines of code Vulnerability details Impact Since two new variables are added in the contract NounsDAOStorageV1Adjusted at the end of the struct proposal, the memory layout between the NounsDAOStorageV1 and NounsDAOStorageV1Adjusted is colliding. This affects the variable type and values in the...

6.7 AI score
Exploits: 0
Code423n4
added 2022/08/27 12:0 a.m., 7 views

in V2 Struct Proposal adds new params - totalSupply & creationBlock. So items in struct can overlap, as the struct consumes more slots.

Lines of code Vulnerability details Impact Possible slot overlapping. Reference: Proof of Concept adding new Proposal structs Tools Used Visual Studio Recommended Mitigation Steps Append new variables that will manage this totalSupply/CreationBlock info stored. --- The text was updated...

6.9 AI score
Exploits: 0
0day.today
added 2022/08/23 12:0 a.m., 309 views

10-Strike Network Inventory Explorer 9.3 Buffer Overflow Vulnerability

10-Strike Network Inventory Explorer versions 9.3 and below are vulnerable to a SEH based buffer overflow which leads to code execution or local privilege escalation. The vulnerable part of the program is the functionality to add computers from a text file. I. VULNERABILITY...

8.1 AI score
Exploits: 0
Code423n4
added 2022/08/15 12:0 a.m., 8 views

createLock: User can lose funds by sending a wrong _value parameter

Lines of code Vulnerability details Impact Users can lose funds by sending a wrong value parameter. The problem lies in casting value to int128. Solidity does not check casting, just math operations. If a user tries to lock an amount greater than 2^128, the transaction won't be reverted and...

6.8 AI score
Exploits: 0
Code423n4
added 2022/08/15 12:0 a.m., 8 views

Functions quitLock and delegate fundamentally change game theory of VoteEscrow

Lines of code Vulnerability details Impact Without delegation it is not possible to remove voting power before the end of a lock. Function quitLock now makes this possible, but it does not just affect the user who quits the lock. Any votes that are delegated to them are temporarily lost from the...

6.9 AI score
Exploits: 0
NVD
added 2022/08/10 8:15 p.m., 24 views

CVE-2022-30633

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

7.5 CVSS, 0.0013 EPSS
Exploits: 0, References: 5
NVD
added 2022/08/10 8:15 p.m., 18 views

CVE-2021-33643

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...

9.1 CVSS, 0.00225 EPSS
Exploits: 0, References: 7
UbuntuCve
added 2022/08/10 8:15 p.m., 37 views

CVE-2021-33644

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call of malloc(0) for a variable gnu_longname, causing an out-of-bounds read...

8.1 CVSS, 6.8 AI score, 0.00225 EPSS
Exploits: 0, References: 3
AlpineLinux
added 2022/08/10 8:15 p.m., 48 views

CVE-2021-33644

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call of malloc(0) for a variable gnu_longname, causing an out-of-bounds read...

8.1 CVSS, 2.1 AI score, 0.00225 EPSS
Exploits: 0
Prion
added 2022/08/10 8:15 p.m., 20 views

Out-of-bounds

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...

6.4 CVSS, 8.7 AI score, 0.00225 EPSS
Exploits: 0, References: 6, Affected Software: 3
Prion
added 2022/08/10 8:15 p.m., 20 views

Code injection

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

5 CVSS, 7.5 AI score, 0.0013 EPSS
Exploits: 0, References: 5, Affected Software: 1
CVE
added 2022/08/09 8:16 p.m., 373 views

CVE-2022-30633

The CVE-2022-30633 incident affects Go's encoding/xml package: Unmarshal can panic due to stack exhaustion when unmarshalling XML into a struct with nested fields using the any tag, in Go versions prior to 1.17.12 and 1.18.4. The published advisories (including ALAS2023-2023-046, ALAS2023-2023-04...

7.5 CVSS, 7.7 AI score, 0.0013 EPSS
Exploits: 0, References: 5, Affected Software: 1
Japan Vulnerability Notes
added 2022/08/04 6:14 a.m., 1 views

Kaitai Struct: compiler vulnerable to denial-of-service (DoS)

Overview Kaitai Struct: compiler provided by Kaitai team contains SnakeYAML library version 1.25, which is used in parsing .ksy files. SnakeYAML version 1.25 expands recursive aliases unlimitedly (CWE-674), hence Kaitai Struct: compiler is vulnerable to a denial-of-service (DoS) attack by Billion Laug...

7.5 CVSS, 8.5 AI score, 0.02766 EPSS
Exploits: 1, References: 7
Japan Vulnerability Notes
added 2022/08/04 12:0 a.m., 49 views

JVN#42883072: Kaitai Struct: compiler vulnerable to denial-of-service (DoS)

Kaitai Struct: compiler provided by Kaitai team contains SnakeYAML library version 1.25, which is used in parsing .ksy files. SnakeYAML version 1.25 expands recursive aliases unlimitedly (CWE-674), hence Kaitai Struct: compiler is vulnerable to a denial-of-service (DoS) attack by Billion Laughs Attack...

7.5 CVSS, 7.3 AI score, 0.02766 EPSS
Exploits: 1
OSV
added 2022/07/31 2:20 p.m., 11 views

GSD-2022-1004562 KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()

KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.132 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/07/31 2:5 p.m., 8 views

GSD-2022-1004386 KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()

KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/07/31 1:47 p.m., 9 views

GSD-2022-1004167 KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()

KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.13 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/07/20 8:52 p.m., 26 views

GO-2022-0523 Stack exhaustion when unmarshaling certain documents in encoding/xml

Unmarshaling an XML document into a Go struct which has a nested field that uses the 'any' field tag can panic due to stack exhaustion...

7.5 CVSS, 7.7 AI score, 0.0013 EPSS
Exploits: 0, References: 4
Fedora
added 2022/07/17 1:15 a.m., 15 views

[SECURITY] Fedora 35 Update: golang-github-gohugoio-localescompressed-1.0.1-2.fc35

The locales from https://github.com/gohugoio/locales in one package/struct...

9.3 CVSS, 8.9 AI score, 0.00963 EPSS
Exploits: 4