15 matches found
EUVD-2017-15253
Malware in sbrugna...
UBUNTU-CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...
Abseil 安全漏洞
Abseil is an Abseil generic library C++ open-sourced by Abseil. Abseil has a security vulnerability that stems from a buffer overflow problem caused by the size constructor, reserve and rehash methods of absl::flat,nodehashset,map not imposing an upper limit on its size parameter...
AZL-48510 CVE-2024-43872 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...
CVE-2024-43872
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...
CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...
CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...
SUSE CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
mintFee can be set to 100%
Lines of code Vulnerability details Impact The mintFee can be set to 100%. An amount of centralization over the usual is to be expected in a protocol that deals with RWAs and requires KYC but being able to set the fee to 100% is unnecessary, dangerous, and could harm Ondo's reputation. Proof of...
Owner can set lockUntil to a very large timestamp to create not-removeable tier and not-pause-able tier
Lines of code Vulnerability details Impact Owner can set lockUntil to a very large timestamp to create not-removeable tier. when a tier is created, the owner can set lockUntil parameter @member lockedUntil The time up to which this tier cannot be removed or paused. when the owner call adjustTier,...
Unbounded loop in BaseV1-core.sol could lead to a griefing/DOS attack
Lines of code Vulnerability details Denial Of Service Attack Denial-of-service attacks: Attacks that cause DoS are called DoS attacks. The purpose is to disable the computer or network from providing normal service. Description: As this array can grow quite large, the transaction’s gas cost could...
Munin Local File Write Vulnerability
Munin is a set of network resource monitoring tools. The tool monitors core system resources including memory, disk, CPU usage, server applications and more. A local file write vulnerability exists in Munin versions prior to 2.999.6. An attacker can exploit the vulnerability by setting multiple...
DEBIAN-CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
UBUNTU-CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
Google Pwnium Program Now Open All Year
Google is expanding its successful Pwnium vulnerability reward program–which has run at various security conferences for a couple of years now–to run continuously and offer an unlimited pool of financial rewards. Pwnium originally was established as an alternative to the Pwn2Own hacking contest a...