Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15935)

Adobe Illustrator is a vector-based image creation software from Adobe, Inc. A security vulnerability exists in Adobe Illustrator, which stems from the product's failure to add effective data protection measures. A remote attacker could use the vulnerability to access sensitive information...

Adobe Illustrator out-of-bounds write vulnerability (CNVD-2022-15941)

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator has a security vulnerability that can be exploited by attackers to execute arbitrary code in the context of the current user...

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15936)

Adobe Illustrator is a vector-based image creation software from Adobe, Inc. A security vulnerability exists in Adobe Illustrator, which stems from the product's failure to add effective data protection measures. A remote attacker could use the vulnerability to access sensitive information...

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15932)

A security vulnerability exists in Adobe Illustrator, a vector-based image creation software from Adobe, which stems from the product's failure to securely check memory boundaries. An attacker could exploit the vulnerability to cause a sensitive memory leak...

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15933)

Adobe Illustrator is a vector-based image creation software from Adobe, Inc. A security vulnerability exists in Adobe Illustrator, which stems from the product's failure to add effective data protection measures. A remote attacker could use the vulnerability to access sensitive information...

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15934)

Adobe Illustrator is a vector-based image creation software from Adobe, Inc. A security vulnerability exists in Adobe Illustrator, which stems from the product's failure to add effective data protection measures. A remote attacker could use the vulnerability to access sensitive information...

Adobe Illustrator null pointer dereference vulnerability (CNVD-2022-15930)

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator has a security vulnerability that could be exploited by attackers to launch an application denial of service in the context of the current user...

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-15939)

Adobe Illustrator is a vector-based image creation software from Adobe, Inc. A security vulnerability exists in Adobe Illustrator, which stems from the product's failure to add effective data protection measures. A remote attacker could use the vulnerability to access sensitive information...

CVE-2021-42940

A Cross Site Scripting XSS vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code...

Projeqtor 安全漏洞

Projeqtor is a PHP-based open source project management software from the Projeqtor community. The software is used to organize various functions required for multiple projects and is suitable for IT projects. A cross-site scripting vulnerability exists in Projeqtor 9.3.1 that allows an attacker ...

matrix-react-skin (>=0.0.1 <=0.0.2), vector-web (=0.3.0) potentially affected by CVE-2021-32622 via matrix-react-sdk (>=0.0.1 <=0.2.0)

matrix-react-sdk NPM version =0.0.1, =0.0.1, =0.0.2 - vector-web =0.3.0 Source cves: CVE-2021-32622 Source advisory: OSV:GHSA-CG57-P69R-3M7P...

CVE-2022-23622 Cross site scripting in registration template in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions:...

Siemens Simcenter Femap 缓冲区错误漏洞

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap is vulnerable to an out-of-bounds write vulnerability...

Updated glibc packages fix security vulnerability

Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...

Denial Of Service (DoS)

Tensorflow is vulnerable to denial of service. An attacker may exploit the vulnerability by inputting a large value to numdim causing the system to crash by allocating a large vector based on that value...

Studio 42 elFinder 跨站脚本漏洞

Studio 42 elFinder is an open source web file manager that uses jQuery and jQuery UI and is written in JavaScript. A cross-site scripting vulnerability exists in Studio 42 elFinder that stems from the product's failure to securely handle SVG document data. The vulnerability can be exploited to...

Mozilla Firefox 权限许可和访问控制问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A permission permission and access control issue vulnerability exists in Mozilla Firefox, which stems from the way Firefox handles extension updates. An attacker could use the vulnerability to trick victims into...

GHSA-627Q-G293-49Q7 Abort caused by allocating a vector that is too large in Tensorflow

Impact During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user: cc const auto numdims = Valueshapedim; std::vector dims; dims.reservenumdims; Patches We have patched the issue in GitHub commit 1361fb7e29449629e1df94d44e0427ebec8c83c7. T...

Abort caused by allocating a vector that is too large in Tensorflow

Impact During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user: cc const auto numdims = Valueshapedim; std::vector dims; dims.reservenumdims; Patches We have patched the issue in GitHub commit 1361fb7e29449629e1df94d44e0427ebec8c83c7. T...

PYSEC-2022-144

Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, a...