144 matches found
CVE-2024-0050
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0050
CVE-2024-0050 involves an out-of-bounds write in the getConfig path of SoftVideoDecoderOMXComponent.cpp. The issue is triggered via missing validation and results in a local, nonāsecurity impact with no additional execution privileges required (no user interaction). Affected detail: the vulnerabi...
ASB-A-273935108
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation...
Information Disclosure
matrixsynapse is vulnerable to Information Disclosure. The vulnerability is caused by a missing validation check for the userid parameter used to query cached device information of remote users. This can lead to enumerating the remote users known to a homeserver...
Denial Of Service (DoS)
pypdf is vulnerable to Denial Of Service DoS. The vulnerability is caused by a missing validation check if the current object in a clone operation has already been visited so that it will not be added in to a list of objects to visit again. An attacker can craft a malicious PDF which can lead to ...
Improper Input Validation
postcss is vulnerable to Improper Input Validation. The vulnerability is due to the REBADBRACKET in tokenize.js which does not account for carriage returns \r. This means that any CSS containing a carriage return character \r would not be matched by this regular expression, potentially allowing...
Path Traversal
github.com/argoproj/argo-cd/v2 is vulnerable to Path Traversal. The vulnerability is caused by a missing validation check in the repo server API that prevents file traversal attacks. This can lead to an attacker leaking values or files from the referenced Helm Chart by using a using a...
Authentication Bypass
Sustainsys.Saml2 is vulnerable to Authentication Bypass. The vulnerability is caused by a missing validation check for the issuer of the Saml2 assertion in a Saml2 response and issuer identified in the stored request state. This can lead to a malicious identity provider to craft a Saml2 response...
Missing validation checks on sending non blocking LZ payload
Lines of code Vulnerability details Impact In OFTCoreV2 provided as example by LayerZero function sendaddress from, uint16 dstChainId, bytes32 toAddress, uint amount, address payable refundAddress, address zroPaymentAddress, bytes memory adapterParams internal virtual returns uint amount...
LACK OF VALIDATION CHECK COULD LEAD TO WRONG TOKEN TRANSFERS THUS BREAKING THE PROTOCOL
Lines of code Vulnerability details Impact The InterchainTokenService.processSendTokenWithDataPayload function is used to process the received token amount with data at the destination InterchainTokenService contract. The received token amount is transferred to either the expressCaller or the...
The signature "V" length is not checked in castApprovalBySig, CastDisapprovalBySig & createActionBySig
Lines of code Vulnerability details Impact The length of the "v" value in the signatures is not checked. V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds...
Recipient address is not appropriately validated or sanitized in the BaseFeeVault contract (loss of funds)
Lines of code Vulnerability details Impact If the recipient address is not properly validated, an attacker could supply a malicious address as the recipient. This could result in the accumulated fees being sent to an unintended or unauthorized party. It could lead to financial loss or disruption ...
USN-5816-1: Firefox vulnerabilities
Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...
ArtGobblers.sol#L411 : mintLegendaryGobbler can be executed without gobblerIds also
Lines of code Vulnerability details Impact The function mintLegendaryGobbler can be called without any gobblerIds as well. Proof of Concept. to mint the legendary gobbler in the function mintLegendaryGobbler, the line ArtGobblers.solL418 calculates the cost. uint256 cost = legendaryGobblerPrice;...
ArtGobblers.sol#L693 : function "tokenURI" does not validate the "gobblerId" for all cases.
Lines of code Vulnerability details Impact validation check for gobblerId is missing for other case inside the function tokenURI. Proof of Concept function tokenURIuint256 gobblerId public view virtual override returns string memory // Between 0 and lastRevealed are revealed normal gobblers. if...
Validation check for payFYToken and payBase functions to allow only valid users.
Lines of code Vulnerability details Impact This will prevent from calling the functions by invalid users. Unnecessary condition verification. Proof of Concept Tools Used Manual code review Recommended Mitigation Steps At the start of the functions, add validation check such that only the user who...
Design/Logic Flaw
Electron is a framework for writing cross-platform desktop applications using JavaScript JS, HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafte...
CVE-2022-29200 Missing validation causes denial of service in TensorFlow via `LSTMBlockCell`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The cod...
Rocky Linux 8 : c-ares (RLSA-2022:2043)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong...
CVE-2022-28784
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic...