cookie 安全漏洞

cookie is an HTTP server cookie parsing and serialization library open-sourced by jshttp. A security vulnerability exists in versions prior to cookie 0.7.0, which stems from a vulnerability that allows an attacker to set other fields of a cookie by manipulating the cookie name, resulting in...

CVE-2023-4750

A flaw was found in Vim, where it is vulnerable to a use-after-free in the btquickfix function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim...

CVE-2023-4733

A flaw was found in Vim, where it is vulnerable to a use-after-free in the buflistaltfpos function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim...

ASB-A-253344080

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code...

Divide before multiply may create unexpected values on interests

Lines of code Vulnerability details Divide before multiply may create unexpected values on interests Impact Solidity integer division might truncate. As a result, performing divide before multiply can sometimes create loss of precision. Details If for example we have an operation: 2/33 The expect...

CVE-2016-9386

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values...

Basic Integer Overflows

Introduction Basic Integer Overflow : In this paper we are going to describe two classes of programming bugs which can sometimes allow a malicious user to modify the execution path of an affected process. Both of these classes of bug work by causing variables to contain unexpected values, and so...