7 matches found
EUVD-2015-2408
Malware in sbrugna...
randomIndex is not truly random - possibility of predictably minting a specific token Id
Handle @GalloDaSballo Vulnerability details Impact Detailed description of the impact of this finding. randomIndex: Is not random Any miner has access to these values uint index = uintkeccak256abi.encodePackednonce, msg.sender, block.difficulty, block.timestamp % totalSize; Non miner attackers...
Sandstorm Cap'n Proto Denial of Service Vulnerability
Cap'n Proto is an extremely fast data exchange format and capability-based RPC system. A denial of service vulnerability exists in Sandstorm Cap'n Proto. When an application calls the totalSize method on an object reader, it allows a remote peer to cause a denial of service CPU consumption via a...
CVE-2015-2313
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service CPU consumption via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists...
DEBIAN-CVE-2015-2313
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service CPU consumption via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists...
Design/Logic Flaw
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service CPU consumption via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists...
UBUNTU-CVE-2015-2313
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service CPU consumption via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists...