CVE-2024-45393 Computer Vision Annotation Tool (CVAT) is missing authorization for endpoints related to webhook deliveries

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook delivery information for any webhook registered on the CVAT instance, including that of other users. For each delivery, this contains...

Computer Vision Annotation Tool 安全漏洞

Computer Vision Annotation Tool CVAT is a cvat.ai open source interactive video and image annotation tool for computer vision. A security vulnerability exists in Computer Vision Annotation Tool CVAT versions prior to 2.18.0 that originates from an attacker with a CVAT account having access to any...

CVE-2024-33054 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine...

CVE-2024-33054 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine...

CVE-2024-33038 Untrusted Pointer Dereference in Computer Vision

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA...

CVE-2024-33038 Untrusted Pointer Dereference in Computer Vision

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a classic buffer overflow issue contained in the Computer Vision component...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from an untrusted pointer dereference issue contained in the Computer Vision component...

CVAT Security Vulnerabilities

CVAT is an interactive video and image annotation tool for computer vision. A security vulnerability exists in CVAT version 2.2.0 through versions prior to 2.14.3. An attacker exploiting this vulnerability could obtain media files, annotations, settings, and other information from any project,...

PT-2024-27348 · Microsoft +1 · Azure Blob Storage +1

Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions 2.1.0 through 2.14.3 Description: The issue allows an attacker with a CVAT account to exploit a feature by specifying custom endpoint URLs for cloud storages based on Amazon S3 and Azure Blob...

CVAT Security Vulnerabilities

CVAT is an interactive video and image annotation tool for computer vision. A security vulnerability exists in CVAT Computer Vision Annotation Tool version 2.1.0 through versions prior to 2.14.3. An attacker can exploit the vulnerability to obtain sensitive information...

IBM Maximo Application Suite Log Information Disclosure Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A log information disclosure vulnerability exists in IBM Maximo Application Suite versions 8.10 and 8.11...

IBM Maximo Application Suite Cross-Site Scripting Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Maximo Application Suite version 7.6.1.3, which stems...

Ring curtails law enforcement’s access to footage

US law enforcement will no longer be able to request footage through the Neighbors app produced by Ring video doorbells and surveillance cameras. Until now Ring’s Request for Assistance RFA function allowed law enforcement to ask for and obtain user footage, but this function will be retired. Alo...

Food delivery robots give captured video footage to police

In what sounds like a new step towards Skynet, footage from a food delivery robot has been used as part of a criminal investigation. As 404 Media reports, the food delivery robots that are deployed for Uber Eats in Los Angeles are operated by Serve Robotics, which ultimately wants to deploy up to...

QR codes in email phishing

QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you dont see lots of QR cod...

PT-2023-20538 · Opencv +2 · Opencv +2

Name of the Vulnerable Software and Affected Versions: OpenCV wechat qrcode Module versions up to 4.7.0 Description: A problematic issue has been found in the OpenCV wechat qrcode Module, affecting the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded bit stre...

CVE-2022-33281

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames...

Memory corruption

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames...

CVE-2022-33281

CVE-2022-33281 describes memory corruption due to improper validation of an array index in the computer vision EVA kernel on Qualcomm chipsets. The vulnerability is associated with the EVA kernel’s computer vision component during testing without frames. Connected sources corroborate memory corru...