7 matches found
EUVD-2018-2163
Malware in sbrugna...
EUVD-2023-2641
Malicious code in bioql PyPI...
Tech-ASan: Two-Stage Check for Address Sanitizer
Address Sanitizer (ASan) is a sharp weapon for detecting memory safety violations, including temporal and spatial errors hidden in C/C++ programs during execution. However, ASan incurs significant runtime overhead, which limits its efficiency in testing large software. The overhead mainly comes fro...
CVE-2023-44378
gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decompositions to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a...
GHSA-498W-5J49-VQJG gnark unsoundness in variable comparison / non-unique binary decomposition
Impact: For some in-circuit values, it is possible to construct two valid decompositions to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a+r where r is the modulus the values are being reduced by. The second decomposition was possib...
Incorrect value comparison in Ruby openssl
An issue was discovered in the OpenSSL library in Ruby. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one...
CVE-2018-10081
CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring...