CVE-2023-31146

CRITICAL Year: 2023
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-787
View all →

Vulnerability Description

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue.

Related Vulnerabilities

CVE-2017-2615

CRITICAL
CVSS:9.1(Critical)

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A pri...

CWE-7872017

CVE-2019-5541

CRITICAL
CVSS:9.1(Critical)

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may le...

CWE-7872019

CVE-2020-0283

CRITICAL
CVSS:9.1(Critical)

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008257

CWE-7872020

CVE-2020-0367

CRITICAL
CVSS:9.1(Critical)

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980455

CWE-7872020

CVE-2020-17528

CRITICAL
CVSS:9.1(Critical)

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer o...

CWE-7872020

CVE-2020-9142

CRITICAL
CVSS:9.1(Critical)

There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly pr...

CWE-7872020