CVE-2022-35984

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-35984)

i2c: smbus: fix NULL function pointer dereference This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503537; scriptversion"1.2";...

CVE-2025-35984

creationtimestamp| type| source ---|---|--- 2025-08-25 17:00:17+00:00| seen| https://infosec.place/objects/0c4a6b51-c339-4648-8cd9-5a4b3328e05d 2025-08-26 00:14:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxbabbfdek2z...

CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2217 SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-35984 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...

TencentOS Server 3: kernel (TSSA-2024:1028)

"The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1028 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilitie...

TencentOS Server 2: kernel (TSSA-2024:1029)

"The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1029 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilitie...

CVE-2023-35984

The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write...

CVE-2020-35984

A stored cross site scripting XSS vulnerability in the 'Users Alerts' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter...

Azure Linux 3.0 Security Update: kernel (CVE-2024-35984)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35984 advisory. - In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-35984)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35984 advisory. - In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer...

CVE-2024-35984 affecting package kernel for versions less than 6.6.35.1-4

CVE-2024-35984 affecting package kernel for versions less than 6.6.35.1-4. An upgraded version of the package is available that resolves this issue...

USN-6938-1: Linux kernel vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

Ubuntu: Security Advisory (USN-6921-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6938-1)

"The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6938-1 advisory. It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

USN-6921-2: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

USN-6921-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...