10 matches found
EUVD-2018-4509
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-36915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: llcp: fix nfcllcpsetsockopt unsafe copies syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: slab-out-of-boun...
CVE-2024-36915 nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: fix nfcllcpsetsockopt unsafe copies syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset include/linux/sockptr.h:49 inline BUG:...
When user of GroupBuy is a contract, refunds will be permanently frozen.
Lines of code Vulnerability details Description claim function is used in GroupBuy to mint Raes proportional to user's contribution to the purchased NFT. withdrawBalance is used to get back funds which are not part of the contribution. They both contain an unsafe call with ETH. For example:...
thenify before 3.3.1 made use of unsafe calls to `eval`.
Versions of thenify prior to 3.3.1 made use of unsafe calls to eval. Untrusted user input could thus lead to arbitrary code execution on the host. The patch in version 3.3.1 removes calls to eval...
JDK: missing null check when accelerating Unsafe calls
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it...
JDK: missing null check when accelerating Unsafe calls
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it...
JDK: missing null check when accelerating Unsafe calls
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it...
CVE-2015-2941
Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...
CVE-2010-2934
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service exception and daemon crash via unknown vectors related to "unsafe substr calls."...