Missing Critical Step In Authentication

Central Dogma is vulnerable to Missing Critical Step in Authentication. The vulnerability is due accepting unsigned SAML messages assertions, logout requests, etc. as they are when using SAML as the authentication mechanism instead of rejecting them. An attacker can forge a SAML message to...

SUSE CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

CentOS 9 : protobuf-c-1.3.3-13.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the protobuf-c-1.3.3-13.el9 build changelog. - protobuf-c before 1.4.1 has an unsigned integer overflow in parserequiredmember. CVE-2022-48468 Note that Nessus has not tested for this issue...

CentOS 9 : shim-unsigned-x64-15.6-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the shim-unsigned-x64-15.6-1.el9 build changelog. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot...

DEBIAN-CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

UBUNTU-CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

The vulnerability of the `apply_sao_internal<unsigned short>` function (sao.cc) in the h.265 Libde265 codec implementation allows a attacker to cause a service failure.

The vulnerability of the applysaointernal function sao.cc in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

GHSA-HX5Q-V6PJ-533R SAML authentication bypass due to missing validation on unsigned SAML messages

Impact When SAML is used as the authentication mechanism, Central Dogma accepts unsigned SAML messages assertions, logout requests, etc. as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an...

GHSA-4M6J-23P2-8C54 Armeria SAML authentication bypass due to missing validation on unsigned SAML messages

Impact The SAML implementation provided by armeria-saml currently accepts unsigned SAML messages assertions, logout requests, etc. as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an unsign...

PT-2024-40337 · Armeria +1 · Armeria +1

Name of the Vulnerable Software and Affected Versions: Central Dogma versions prior to 0.64.3 Description: The issue arises when SAML is used for authentication, as Central Dogma accepts unsigned SAML messages by default, instead of rejecting them. This allows an attacker to forge SAML messages f...

CVE-2024-1633 FIP Header Integer Overflow

During the secure boot, bl2 the second stage of the bootloader loops over images defined in the table “bl2memparamsdescs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integ...

Buffer Overflow

libzephyr.so is vulnerable to Buffer overflow. The vulnerability is due to signed to unsigned conversion when passing a negative size to memcpy, which can lead to buffer overflow in the esp32ipmsend function...

CVE-2023-6249

Signed to unsigned conversion esp32ipmsend...

Design/Logic Flaw

Signed to unsigned conversion esp32ipmsend...

CVE-2023-6249 ipm: signed to unsigned conversion problem in esp32_ipm_send

Signed to unsigned conversion esp32ipmsend...

CVE-2023-6249

CVE-2023-6249 affects the Zephyr RTOS component esp32_ipm_send. The root cause is a signed-to-unsigned conversion that can cause a buffer overflow in esp32_ipm_send (as described by Veracode), elevating risk for affected builds. Public documents describe a buffer overflow condition but do not spe...

CVE-2023-6249 ipm: signed to unsigned conversion problem in esp32_ipm_send

Signed to unsigned conversion esp32ipmsend...

zephyr Security Breach

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in zephyr 3.5 and earlier versions, which stems from a signed to unsigned conversion issue in esp32ipmsend...

PT-2024-14913 · Espressif · Esp32 Ipm Send

Name of the Vulnerable Software and Affected Versions: esp32 ipm send affected versions not specified Description: The issue involves a signed to unsigned conversion in the esp32 ipm send function. This could potentially lead to unexpected behavior or errors. No information is provided about the...

The vulnerability of the put_qpel_fallback() function in the h.265 Libde265 implementation allows a perpetrator to trigger a service failure.

The vulnerability of the putqpelfallback function in the h.265 Libde265 implementation is related to the issue where the operation’s output goes beyond the buffer in memory when processing the unsigned short data type. Exploiting this vulnerability can allow a malicious actor to cause service...