12 matches found
USN-8349-3 rsync regression
USN-8349-1 fixed vulnerabilities in rsync. Unfortunately that update introduced multiple regressions in rsync functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read...
Important: rsync
Issue Overview: Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outsi...
ALPINE-CVE-2025-9820
A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...
CVE-2018-13068
The mintToken function of a smart contract implementation for AzurionToken AZU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
Practical Reasoning Interruption Attacks on Reasoning Large Language Models
Reasoning large language models RLLMs have demonstrated outstanding performance across a variety of tasks, yet they also expose numerous security vulnerabilities. Most of these vulnerabilities have centered on the generation of unsafe content. However, recent work has identified a distinct...
Incorrect Calculation
OpenZeppelin Contracts is vulnerable to Incorrect Calculations. The vulnerability exists in the beforeTokenTransfer function because ERC721Consecutive does not update balances when the batch has a size of one and consists of a single token, resulting in a token overflow when calling the balanceOf...
YLCToken Number Error Vulnerability
YLCToken is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in YLCToken's smart contract implementation. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...
Good Time Coin Digital Error Vulnerability
Good Time Coin GTY is an ethereum-based digital currency.An integer overflow vulnerability exists in the 'mintToken' function of GTY's smart contract implementation. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...
C3 Token Number Error Vulnerability
C3 Token C3 is an Ether-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in C3's smart contract implementation. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...
AMR Contract Token Integer Overflow Vulnerability
AMR contract tokens, known as AMMBR contract tokens, are ethereum-based smart contract tokens which use the ERC20 token standard. AMR contract tokens have an integer overflow vulnerability. An attacker can issue additional tokens at will...
CVE-2018-13208
The sell function of a smart contract implementation for MoneyTree TREE, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...
VulnCheck KEV: CVE-2018-10299
An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin BEC, the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two receivers...