177 matches found
CVE-2024-56737
GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...
UCI IDOL 2 安全漏洞
UCI IDOL 2 IDOL2,uciIDOL is a management system from UCI Inc. to optimize the company's business processes as well as increase productivity. A security vulnerability exists in UCI IDOL 2 version 2.12 and prior versions that stems from data being transferred over raw sockets without any...
CVE-2024-45167
The CVE-2024-45167 entry concerns UCI IDOL 2 (IDOL2) prior to or up to version 2.12. The root cause is improper input validation, improper deserialization, and restricting operations within memory buffer bounds, leading to a DoS condition and potential remote code execution. A specific XmlMessage...
CVE-2023-33976
TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...
PT-2024-12453
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.13 TensorFlow versions 2.12 and earlier Description The issue is caused by array ops.upper bound when not given a rank 2 tensor, resulting in a segfault. The estimated number of potentially affected devices...
CVE-2023-4001 affecting package grub2 for versions less than 2.12-1
CVE-2023-4001 affecting package grub2 for versions less than 2.12-1. A patched version of the package is available...
OPENSUSE-SU-2024:13328-1 grub2-2.12~rc1-5.1 on GA media
These are all security issues fixed in the grub2-2.12rc1-5.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2024-34459
An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...
PT-2024-21371 · Fastdds +1 · Fastdds +1
Name of the Vulnerable Software and Affected Versions: FastDDS versions 2.6.x through 2.12.x Description: An issue in the HistoryQosPolicy component of FastDDS leads to a SIGABRT signal abort upon receiving DataWriter's data. Recommendations: For versions 2.6.x through 2.12.x, consider disabling...
BIT-TENSORFLOW-2023-25660 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version...
BIT-TENSORFLOW-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...
GHSA-7JWH-3VRQ-Q3M8 vulnerabilities
Vulnerabilities for packages: ferretdb, k3s, kube-bench, wavefront-collector-for-kubernetes, falcosidekick-fips, caddy-fips, kots, spicedb, temporal-server-fips, keda-fips, trillian-fips, kine, argo-workflows-fips, step, kube-bench-fips, amass, caddy, trillian, src, temporal-server, argo-workflow...
Smsot SQL Injection Vulnerability
Smsot is a professional community operation solution from China Motech Smsot company. A SQL injection vulnerability exists in Smsot 2.12 and earlier versions, which stems from the parameter tid in the file /get.php that causes SQL injection...
openSUSE 15 Security Update : cppcheck (openSUSE-SU-2023:0413-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0413-1 advisory. - An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934. CVE-2023-39070...
SUSE CVE-2023-39070
An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934...
CVE-2023-39070
An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934...
Design/Logic Flaw
An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934...
CVE-2023-39070
CVE-2023-39070 affects cppcheck (2.12 dev) with a local arbitrary-code execution via removeContradiction in token.cpp:1934, caused by a heap use-after-free. Several advisories confirm a fixed heap use-after-free and reference upgraded packages (e.g., openSUSE SUSE openSUSE-SU-2023:0413-1, patch t...
PT-2023-21178
Name of the Vulnerable Software and Affected Versions IntelR Optimization for Tensorflow versions prior to 2.12 Description The issue is related to improper buffer restrictions, which may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations F...
Intel® Optimization for TensorFlow Software Advisory
Summary: A potential security vulnerability in the Intel® Optimization for TensorFlow software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-27506 Description: Improper buffer restrictions in...