103 matches found
CVE-2020-36430
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decodechars called from decodefont and processtext because the wrong integer data type is used for subtraction...
libass 缓冲区错误漏洞
libass is a subtitle renderer based on the ASS/SSA format by an individual developer. A security vulnerability exists in libass that stems from a heap-based buffer overflow because the wrong integer data type is used for subtraction...
Exposure.sortVaultsByDelta can underflow
Handle cmichel Vulnerability details Vulnerability Details The sortVaultsByDelta function performs an unsafe subtraction on two uint256 before casting them to int256. The subtraction can underflow and the cast to int256 can either fail and revert the transaction if greater than typeint256.max, or...
Buoy3Pool.safetyCheck can underflow
Handle cmichel Vulnerability details Vulnerability Details The safetyCheck function performs an unsafe subtraction on two uint256 before casting them to int256. The subtraction can underflow and the cast to int256 can either fail and revert the transaction if greater than typeint256.max, or, fit...
Logic error in fee subtraction
Handle 0xsanson Vulnerability details Impact In LibBalances.applyTrade we need to collect a fee from the trade. The current code however subtracts a fee from the short position and adds it to the long. The correct implementation is to subtract a fee to both see TracerPerpetualSwaps.solL272. This...
Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2019-2214)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : mercurial Multiple Vulnerabilities (NS-SA-2019-0234)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mercurial packages installed that are affected by multiple vulnerabilities: - Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized da...
NewStart CGSL CORE 5.04 / MAIN 5.04 : mercurial Multiple Vulnerabilities (NS-SA-2019-0216)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mercurial packages installed that are affected by multiple vulnerabilities: - Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized da...
CVE-2019-13109
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction...
Linux Kernel - Pointer Leak via BPF Exploit
Exploit for linux platform in category dos / poc / Commit 82abbf8d2fc46d79611ab58daa7c608df14bb3ee "bpf: do not allow root to mangle valid pointers", first in v4.15 included the following snippet: ========= @@ -2319,43 +2307,29 @@ static int adjustregminmaxvalsstruct bpfverifierenv env, if...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13348: Fix the mpatchdecode function in mpatch.c that mishandles certain situations where there should be at least 12 bytes remaining after thecurrent position in the patch data boo1100353. - CVE-2018-13347: F...
Authentication flaw
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...
CVE-2018-13347
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...
Lhasa lha decode_level3_header Heap Corruption Vulnerability
SUMMARY An exploitable integer underflow exists during calculation size for all headers in decodelevel3header function of Lhasa lha application. Smaller value of headerlen than LEVEL3HEADERLEN 32 cause during subtraction integer underflow and lead later to memory corruption via heap based buffer...
CVE-2014-6786
The Math for Kids - Subtraction aka it.tinytap.attsa.deepsub application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Math for Kids - Subtraction aka it.tinytap.attsa.deepsub application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6786
The CVE refers to The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) Android app version 1.2.10, where the SSL/TLS trust check is not performed (does not verify X.509 certificates). This allows man-in-the-middle attackers to spoof servers and potentially obtain sensitive information v...
CVE-2014-6786
The Math for Kids - Subtraction aka it.tinytap.attsa.deepsub application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2012-5958
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string th...