Lucene search
K

653 matches found

Code423n4
Code423n4
added 2022/05/15 12:0 a.m.12 views

YearnTokenAdapter's wrap can become stuck as it uses one step approval for an arbitrary underlying

Lines of code Vulnerability details Some tokens do not allow for approval of positive amount when allowance is positive already to handle approval race condition, most known example is USDT. This can cause the function to stuck whenever a combination of such a token and leftover approval be met...

6.8AI score
Exploits0
NVD
NVD
added 2022/05/03 9:15 p.m.20 views

CVE-2021-27431

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...

9.8CVSS0.01048EPSS
Exploits0References1
OSV
OSV
added 2022/05/03 9:15 p.m.4 views

DEBIAN-CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS9.1AI score0.01529EPSS
Exploits0References1
NVD
NVD
added 2022/05/03 9:15 p.m.15 views

CVE-2021-27435

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in mallocwrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS0.01691EPSS
Exploits1References2
NVD
NVD
added 2022/05/03 9:15 p.m.20 views

CVE-2021-27433

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbedkrbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS0.01632EPSS
Exploits0References2
NVD
NVD
added 2022/05/03 9:15 p.m.34 views

CVE-2021-27425

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS0.01529EPSS
Exploits0References2
NVD
NVD
added 2022/05/03 9:15 p.m.20 views

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS0.01529EPSS
Exploits0References2
NVD
NVD
added 2022/05/03 9:15 p.m.18 views

CVE-2021-27427

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS0.01529EPSS
Exploits0References2
NVD
NVD
added 2022/05/03 9:15 p.m.24 views

CVE-2021-27411

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.5CVSS0.00827EPSS
Exploits0References2
OSV
OSV
added 2022/05/03 9:15 p.m.19 views

CVE-2021-27433

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbedkrbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS7.5AI score
Exploits0References2
NVD
NVD
added 2022/05/03 9:15 p.m.21 views

CVE-2021-27439

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tosmmheapalloc incorrect calculation of effective memory allocation size. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code...

9.8CVSS0.01422EPSS
Exploits0References1
OSV
OSV
added 2022/05/03 9:15 p.m.28 views

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS7.5AI score
Exploits0References2
CVE
CVE
added 2022/05/03 8:26 p.m.81 views

CVE-2021-27433

CVE-2021-27433 affects the ARM mbed-ualloc memory library (version 1.3.0). The root cause is an integer wrap-around in mbed_krbs, which can lead to arbitrary memory allocation and result in crash or remote code injection/execution. Public sources consistently describe this vulnerability and its i...

9.8CVSS8.7AI score0.01632EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/05/03 8:26 p.m.81 views

CVE-2021-27439

TencentOS-tiny 3.1.0 is reported vulnerable to an integer wrap-around in the tos_mmheap_alloc path, causing incorrect calculation of the allocation size and potentially arbitrary memory allocation, crashes, or remote code execution. The Red Hat/RH CVE entry and multiple references confirm the vul...

9.8CVSS8.7AI score0.01422EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 8:23 p.m.92 views

CVE-2021-27431

CVE-2021-27431 affects ARM CMSIS RTOS2, versions before 2.1.3. The vulnerability is an integer wrap-around in inosRtxMemoryAlloc (local malloc equivalent) which can lead to arbitrary memory allocation and can cause crashes or injected code execution. Affected product is ARM CMSIS RTOS2 prior to 2...

9.8CVSS8.7AI score0.01048EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 8:22 p.m.78 views

CVE-2021-27435

CVE-2021-27435 affects ARM Mbed OS 6.3.0. It is due to an integer wrap-around in malloc_wrapper, enabling arbitrary memory allocation and potentially causing a crash or remote code execution. Exploitation status is not detailed in the provided documents, and there is no known public exploit per t...

9.8CVSS8.7AI score0.01691EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/03 8:21 p.m.69 views

CVE-2021-27425

CVE-2021-27425 affects Cesanta Software Mongoose-OS v2.17.0. The vulnerability is an integer wrap-around in mm_malloc that can cause improper memory assignment and arbitrary memory allocation, leading to a crash or remote code injection/execution. Public references (NVD/Red Hat/CVE list) corrobor...

9.8CVSS8.7AI score0.01529EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/05/03 8:20 p.m.38 views

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS9.7AI score0.01529EPSS
Exploits0
CVE
CVE
added 2022/05/03 8:20 p.m.80 views

CVE-2021-27419

The CVE-2021-27419 entry concerns uClibc-ng: versions prior to 1.0.37 are vulnerable to integer wrap-around in malloc-simple, causing improper memory allocation that can trigger crashes or remote code execution. The underlying cause is integer wrap-around in malloc-simple; impact is partial to hi...

9.8CVSS8.7AI score0.01529EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/05/03 8:18 p.m.108 views

CVE-2021-27411

CVE-2021-27411 affects Micrium OS versions 5.10.1 and earlier. The issue is an integer wrap-around in Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate, causing unverified memory assignments that can allocate arbitrary memory sizes (e.g., very small blocks instead of very large blocks). T...

6.5CVSS6.8AI score0.00827EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder