Lucene search
K

84 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-2289

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00611EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.3 views

PT-2025-27968

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the SFQ perturb period in the net sched module. The issue was reported by Gerrard Tai, who found that the SFQ perturb...

5.5CVSS6.4AI score0.00161EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 12:1 a.m.8 views

CVE-2022-29208

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.EditDistance has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout...

7.1CVSS6.6AI score0.00378EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:45 a.m.15 views

CVE-2024-21522

All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked for negative values. This can lead to a process crash...

7.5CVSS6.7AI score0.00611EPSS
Exploits0References1
OSV
OSV
added 2024/11/25 5:18 p.m.8 views

CLSA-2024-1732555093 Fix CVE(s): CVE-2020-27767

SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correct...

4.3CVSS7AI score0.01124EPSS
Exploits1References1
NVD
NVD
added 2024/09/27 1:15 p.m.40 views

CVE-2024-46821

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clkidex as an index into an array pptable-DpmDescriptor. V2: fix clkindex return check Tim Huang...

7.8CVSS0.0026EPSS
Exploits0References8
OSV
OSV
added 2024/07/10 6:33 a.m.53 views

GHSA-7VHM-FMPH-7WXW audify vulnerable to Improper Validation of Array Index

All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked for negative values. This can lead to a process crash...

8.7CVSS7.5AI score0.00611EPSS
Exploits0References6
OSV
OSV
added 2024/06/06 7:15 p.m.5 views

CVE-2024-36730

Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting negative values into the oneflow.zeros/ones parameter...

7.5CVSS5.8AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/06 7:6 p.m.16 views

CVE-2024-36730

Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting negative values into the oneflow.zeros/ones parameter...

6.8AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/06 7:6 p.m.24 views

CVE-2024-36730

Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting negative values into the oneflow.zeros/ones parameter...

0.00515EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.4 views

PT-2024-27140 · Oneflow · Oneflow

Name of the Vulnerable Software and Affected Versions: Oneflow version 0.9.1 Description: The issue is related to improper input validation, allowing attackers to cause a Denial of Service DoS by inputting negative values into the oneflow.zeros/ones parameter. Recommendations: For version 0.9.1,...

7.5CVSS6.8AI score0.00515EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/04/30 2:21 a.m.3 views

SUSE CVE-2024-26927

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head-fullsize - head-headersize" can underflow. To some extent, we're always going to have to trust the firmware a bit. However, it's easy enough to add...

5.5CVSS6.4AI score0.00293EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/04/11 2:30 a.m.3 views

SUSE CVE-2024-26815

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCATAPRIOTCENTRYINDEX check taprioparsetcentry is not correctly checking TCATAPRIOTCENTRYINDEX attribute: int tc; // Signed value tc = nlagetu32tbTCATAPRIOTCENTRYINDEX; if tc = TCQOPTMAXQUEUE...

5.5CVSS6.8AI score0.00272EPSS
Exploits0References8
OSV
OSV
added 2024/04/10 11:15 a.m.1 views

DEBIAN-CVE-2024-26815

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCATAPRIOTCENTRYINDEX check taprioparsetcentry is not correctly checking TCATAPRIOTCENTRYINDEX attribute: int tc; // Signed value tc = nlagetu32tbTCATAPRIOTCENTRYINDEX; if tc = TCQOPTMAXQUEUE...

5.5CVSS5.5AI score0.00272EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/10 11:15 a.m.26 views

CVE-2024-26815

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCATAPRIOTCENTRYINDEX check taprioparsetcentry is not correctly checking TCATAPRIOTCENTRYINDEX attribute: int tc; // Signed value tc = nlagetu32tbTCATAPRIOTCENTRYINDEX; if tc = TCQOPTMAXQUEUE...

5.5CVSS6.2AI score0.00272EPSS
Exploits0References12
OSV
OSV
added 2024/04/10 11:7 a.m.5 views

CVE-2024-26815 net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCATAPRIOTCENTRYINDEX check taprioparsetcentry is not correctly checking TCATAPRIOTCENTRYINDEX attribute: int tc; // Signed value tc = nlagetu32tbTCATAPRIOTCENTRYINDEX; if tc = TCQOPTMAXQUEUE...

5.5CVSS6.1AI score0.00272EPSS
Exploits0References8
OSV
OSV
added 2024/03/06 11:15 a.m.19 views

BIT-TENSORFLOW-2022-21728 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS7.9AI score0.01125EPSS
Exploits1References5
Prion
Prion
added 2024/02/07 5:15 p.m.19 views

Design/Logic Flaw

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...

7.5CVSS7.2AI score0.01539EPSS
Exploits1References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

4.3CVSS6.8AI score0.0418EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.5 views

SUSE CVE-2018-19623

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values...

6.8CVSS7.7AI score0.04155EPSS
Exploits1References8
Rows per page
Query Builder