2523 matches found
PT-2021-18360 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.1.4 through 2.4.2 Description: Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior, such as dereferencing null pointers and writing outside of...
Ubuntu 16.04 LTS : GNU C Library vulnerabilities (USN-4954-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4954-1 advisory. Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow...
CVE-2021-20311
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from...
Design/Logic Flaw
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from thi...
UBUNTU-CVE-2021-20309
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to...
Design/Logic Flaw
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from...
Design/Logic Flaw
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to...
CVE-2021-20310
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from thi...
UBUNTU-CVE-2021-29952
When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox 88.0.1 and Firefox for Android 88.1.3...
RUSTSEC-2021-0113 AtomicBucket<T> unconditionally implements Send/Sync
In the affected versions of the crate, AtomicBucket unconditionally implements Send/Sync traits. Therefore, users can create a data race to the inner T: !Sync by using the AtomicBucket::datawith API. Such data races can potentially cause memory corruption or other undefined behavior. The flaw was...
CVE-2021-20310
A flaw was found in ImageMagick, where a division by zero ConvertXYZToJzazbz of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to syst...
CVE-2021-20309
A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability...
MGASA-2021-0156 Updated imagemagick packages fix security vulnerabilities
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability CVE-2021-20241. A flaw was found in...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2021-1682)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-20244
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20246
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20245
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20244
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
DEBIAN-CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...