1683 matches found
Mozilla: Incorrect instruction reordering during JIT optimization
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
CVE-2021-37692
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
CVE-2021-37692
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
PYSEC-2021-803
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
PYSEC-2021-314
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
PYSEC-2021-803
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
PYSEC-2021-314
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
PYSEC-2021-605
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...
CVE-2021-29984
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
UBUNTU-CVE-2021-29984
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
Mozilla Firefox < 91.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reporte...
ccxvii mujs 缓冲区错误漏洞
ccxvii mujs is an open source embeddable C language interpreter. A buffer error vulnerability exists in ccxvii mujs, which stems from a buffer overflow vulnerability in mujs due to recursion during the GC scanning phase, allowing remote attackers to cause a denial of service...
Advisory ROSA-SA-2021-1910
Software: lua 5.1.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-15888 CVE-Crit: HIGH CVE-DESC: Lua through 5.4.0 incorrectly handles the interaction between stack resizing and garbage collection, resulting in heap-based buffer overflow, heap-based buffer overflow, or post-release usage. CVE-STATUS: default...
Uncontrolled Resource Consumption in XNIO
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final...
PT-2024-11161 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue allows an attacker to fill up the neighbour table with enough entries that it will overflow for valid connections after that. This behaviour is more prevalent after commit...
August 10, 2021-KB5004333 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909
August 10, 2021-KB5004333 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909 Release Date: August 10, 2021 Version: .NET Framework 3.5 and 4.8 The August 10, 2021 update for Windows 10, version 1909 includes cumulative reliability improvements in .NET Framework 3.5 and...
DEBIAN-CVE-2020-14340
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final...
CVE-2020-14340
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final...
CVE-2020-14340
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final...
Security update for prosody (important)
openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0751-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes four...