33 matches found
BIT-GOLANG-2024-24789 Mishandling of corrupt central directory record in archive/zip
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
Medium: gnutls
Issue Overview: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext processing is affected. CVE-2023-5981 Affected Packages: gnutls Issue Correction:...
NetScaler NTP sync failure when NTP server Root Dispersion value greater that 1 second
NetScaler NTP sync failure when Root Dispersion value is larger than 1 second. Dispersion isthe maximum difference recorded between the NTP client and the NTP serverrecorded in seconds. Root Dispersion measures the maximum amount of variance between the NTP server and its known time source. If...
GHSA-P75V-367R-2V23 `cell-project` used incorrect variance when projecting through `&Cell<T>`
Overview The issue lies in the implementation of the cellproject macro which used field as const instead of field as mut . The problem being that const T is covariant in T while mut T is invariant in T. Keep in mind that &Cell is invariant in T, so casting to const T relaxed the variance, and lea...
`cell-project` used incorrect variance when projecting through `&Cell<T>`
Overview The issue lies in the implementation of the cellproject macro which used field as const instead of field as mut . The problem being that const T is covariant in T while mut T is invariant in T. Keep in mind that &Cell is invariant in T, so casting to const T relaxed the variance, and lea...
updateBaseRate and getBorrowRate will always revert if Note/gUSDC TWAP is above 1
Lines of code Vulnerability details Impact updateBaseRate will revert if Note/gUSDC TWAP is above 1 causing all dependent functions to revert as well Proof of Concept If twapMantissa is greater than 1 then L147 will revert due to underflow error Tools Used Recommended Mitigation Steps It seems th...
GHSA-9C9F-7X9P-4WQP A malicious coder can get unsound access to TCell or TLCell memory
This is impossible to do by accident, but by carefully constructing marker types to be covariant, a malicious coder can cheat the singleton check in TCellOwner and TLCellOwner, giving unsound access to cell memory. This could take the form of getting two mutable references to the same memory, or ...
Permissioned nature of TwapOracle allows owner to manipulate oracle
Handle TomFrench Vulnerability details Impact Potentially frozen or purposefully inaccurate USDV:VADER price feed. Proof of Concept Only the owner of TwapOracle can call update on the oracle. Should the owner desire they could cease calling update on the oracle for a period. Over this period the...
`cell-project` used incorrect variance when projecting through `&Cell<T>`
Overview The issue lies in the implementation of the cellproject macro which used field as const instead of field as mut . The problem being that const T is covariant in T while mut T is invariant in T. Keep in mind that &Cell is invariant in T, so casting to const T relaxed the variance, and lea...
RUSTSEC-2020-0164 `cell-project` used incorrect variance when projecting through `&Cell<T>`
Overview The issue lies in the implementation of the cellproject macro which used field as const instead of field as mut . The problem being that const T is covariant in T while mut T is invariant in T. Keep in mind that &Cell is invariant in T, so casting to const T relaxed the variance, and lea...
Description of the security update for SharePoint Server 2019: October 8, 2019
Description of the security update for SharePoint Server 2019: October 8, 2019 Summary This security update resolves an elevation of privilege vulnerability that exists in Microsoft SharePoint. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-1330...
Software Defined Radio Attack Tool: RFCrack
RFCrack is my personal RF test bench, it was developed for testing RF communications between any physical device that communicates over sub Ghz frequencies. IoT devices, Cars, Alarm Systems etc… Testing was done with the Yardstick One on OSX, but RFCrack should work fine in linux. Current support...
Cryptographic libraries and applications do not adequately defend against timing attacks
Overview Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency...