39 matches found
CVE-2023-31102
Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive...
PT-2023-35452 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.169 Description: The issue is related to an underflow in second superblock position calculations in the nilfs2 file system. The actual impact and attack plausibility have not yet been proven...
PT-2023-35384 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: The issue is related to an underflow in second superblock position calculations in the nilfs2 file system. The actual impact and attack plausibility have not yet been proven. Recommendations...
PT-2023-35492 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.306 Description: The issue concerns an underflow in second superblock position calculations in the nilfs2 file system. This problem has been identified but its actual impact and potential for attack have n...
PT-2023-34962 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue is related to a potential underflow in the sof ipc4 priority mask dfs write function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
_squeezeDrips() passed the amount argument in place of amtPerSec for the _addDeltaRange, causing either underflow or the sender losing lots of fund!
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. squeezeDrips passes the amount argument in place of amtPerSec for its callee addDeltaRange in the following line addDeltaRangestate, cycleStart, cycleStart + 1, -int256amt AMTPERSECMULTIPLIER; The last...
Uint underflow issue
Lines of code Vulnerability details Impact Potential underflow if shares is greater than totalSupply Proof of Concept Tools Used Manual review Recommended Mitigation Steps Before the following line, check if totalSupply is greater or equal to shares --- The text was updated successfully, but thes...
PT-2022-34731 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0 Description: The issue is related to an underflow in nft counters enabled at nf tables addchain. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...
PT-2022-21893 · Hancom · Hancom Office 2020
Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 version 11.0.0.5357 Description: A buffer underflow issue exists in the way Hword of Hancom Office 2020 parses XML-based office files. This can be triggered by a specially-crafted malformed file, causing memory corruption b...
MGASA-2022-0337 Updated libtiff packages fix security vulnerability
libtiff's tiffcrop utility has a uint32t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop likely via tricking a user to run tiffcrop on it with certain parameters could cause a crash or in some cases, further exploitation. CVE-2022-2867...
PT-2022-33368 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.18 through 5.19.3 Description: The issue is related to preventing underflow when computing packet sizes in the drm/sun4i dsi component. The actual impact and attack plausibility have not yet been proven. Recommendation...
AlmaLinux 8 : virt:rhel (ALSA-2019:3345)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory. ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 QEMU: slirp: information leakage in tcpemu due to uninitialized...
Early small positions may not be able to be liquidated
Handle WatchPug Vulnerability details In the current implementation, new borrows will be charged a 0.5% interest right away. Making the borrower be recorded a 100.5% amount as debt. However, the pre-charged 0.5% interest is not included in the vault's debts. As a result, early small positions in ...
In Go before 1.14.14 and 1.15.x before 1.15.7 crypto/elliptic/p224.go can generate incorrect outputs related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
...
PSF-2010-1 rgbimg and imageop overflows
Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service application crash via a large ZSIZE value in a black-and-white aka B/W RGB image that triggers an invalid pointer dereference...
CVE-2007-6725
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cfdecode2d function...
CVE-2008-6070
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of...
DTSA-160-1 tiff - buffer underflow
Bulletin has no description...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...