Lucene search
K

35 matches found

Redos
Redos
•added 2024/07/30 12:0 a.m.•29 views

ROS-20240730-01

A vulnerability in the freempimage function of the free media player Mplayer is related to writing outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in free mpgetbits function of Mplayer media player is relate...

5.5CVSS7AI score0.00358EPSS
Exploits8
Cvelist
Cvelist
•added 2024/04/17 6:41 p.m.•31 views

CVE-2024-3900 Out-of-bounds stack array write in Xpdf 4.05 due to missing zero check

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText...

2.9CVSS4.3AI score0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2024/04/17 6:41 p.m.•18 views

CVE-2024-3900 Out-of-bounds stack array write in Xpdf 4.05 due to missing zero check

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText...

2.9CVSS7AI score0.00178EPSS
Exploits0References1
Code423n4
Code423n4
•added 2023/10/30 12:0 a.m.•12 views

Staking functionality temporary blocking due to lack of address zero check

Lines of code Vulnerability details Impact Though lack of zero check issue for the addToBlacklist function is already at the automated findings output, I suppose it is necessary to show the importance of this check here. In case of accidental or malicious the BLACKLISTMANAGERROLE behavior the...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/31 12:0 a.m.•12 views

Missing Input Validation and Error Definition

Lines of code Vulnerability details Impact Missing Input Validation and Error Definition of globalSupplyIndex & globalBorrowIndex in L827-L844 & L865-L883 respectively of MultiRewardDistributor.sol could create complications as "sub" function of L844 & L883 would stop execution in cases of...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/03/30 12:0 a.m.•10 views

Derivative Pool Issue can Lead to Loss User Funds when Unstaking

Lines of code Vulnerability details Impact In all withdraw functions of derivatives, there is no check for sending zero Ether back to the safEth contract. It is important to note that the addressmsg.sender.callvalue: 0"" function returns true even when transferring a zero value. On the other hand...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/06/26 12:0 a.m.•10 views

lender variable in is not the same as constructory and method in the construcotr ther is no check for address zero

Lines of code Vulnerability details Impact lender variable not the same as constructory and method its no check for address zero Recommended Mitigation Steps check for address zero in the constructor --- The text was updated successfully, but these errors were encountered: šŸ˜• 1 KenzoAgada reacted...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/06/02 12:0 a.m.•9 views

user can pay alot of money with out getting his tokens

Lines of code Vulnerability details lockveasset function: lockveasset functoin should do some transfer but if that dosnt happen then user can can loose alot of money and if incentiveveasset is 0 because the check is 0 and if statment will not pass and the minting will not happen and your not goin...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/04/20 12:0 a.m.•11 views

DoS at CitadelMinter.sol

Lines of code Vulnerability details Impact At CitadelMinter.sol, Funding Pool Weight can't be set at the beginning since totalFundingPoolWeight value is not assigned and Zero meanwhile being cached to newTotalWeight. Hence the substraction will not perform as it will yield to a negative value whi...

6.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
•added 2021/11/09 10:15 p.m.•3 views

CVE-2021-43572

The verify function in the Stark Bank Python ECDSA library aka starkbank-escada or ecdsa-python before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

9.8CVSS7.4AI score0.01198EPSS
Exploits1References4
ClickHouse
ClickHouse
•added 2021/10/18 12:0 a.m.•12 views

CVE-2021-42390

Divide-by-zero in ClickHouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

6.5CVSS5.5AI score0.01239EPSS
Exploits1
Code423n4
Code423n4
•added 2021/08/25 12:0 a.m.•8 views

Market whitelist does not work

Handle cmichel Vulnerability details The RCTreasury.marketWhitelistCheck function gets the marketWhitelistmsgSender variable and performs a special check if it's non-zero. However, there's no way to set the whitelist in the first place making this function unnecessary. Impact The market whitelist...

6.9AI score
Exploits0
Prion
Prion
•added 2021/05/14 8:15 p.m.•18 views

Design/Logic Flaw

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution codehttps://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc has multiple division where the divisor is controlled by the user and not checked ...

4.6CVSS7.5AI score0.00201EPSS
Exploits1References2Affected Software1
Veracode
Veracode
•added 2020/12/06 4:1 a.m.•29 views

Missing Zero Check

ImageMagick is vulnerable to missing zero check vulnerability. This vulnerability exist due to a missing check for 0 value of replaceextent. Ann attacker is able to trigger the vulnerability by a crafted input file...

5.5CVSS2.6AI score0.01133EPSS
Exploits1References4Affected Software4
OSV
OSV
•added 2020/12/04 3:15 p.m.•5 views

UBUNTU-CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

5.5CVSS6.8AI score0.01133EPSS
Exploits1References5
Rows per page
Query Builder