
1723 matches found

CNVD
added 2021/05/27 12:0 a.m. | 10 views

UPX Assertion Abort Vulnerability

UPX is an open source executable file packaging program that supports a variety of file formats from different operating systems. An assertion abort vulnerability exists in MemBuffer::alloc in mem.cpp in UPX version 4.0.0. An attacker can exploit this vulnerability via a specially crafted file to...

CVSS 5.5 | AI score 6.5 | EPSS 0.01041
Exploits: 1 | References: 1

Cvelist
added 2021/05/26 11:54 p.m. | 16 views

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

AI score 5.5 | EPSS 0.01041
Exploits: 1 | References: 4

Debian CVE
added 2021/05/26 11:54 p.m. | 23 views

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVSS 5.5 | AI score 6 | EPSS 0.01041
Exploits: 1

AlpineLinux
added 2021/05/26 11:54 p.m. | 35 views

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVSS 5.5 | AI score 5.3 | EPSS 0.01041
Exploits: 1

OSV
added 2021/05/21 4:15 a.m. | 3 views

CVE-2021-32032

In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation in the event of a failure can prevent the abort operation in the associated cryptographic library from freeing internal resources, causing a memory leak...

CVSS 7.5 | AI score 7.1
Exploits: 0 | References: 3

Positive Technologies
added 2021/05/21 12:0 a.m. | 8 views

PT-2021-19637

Name of the Vulnerable Software and Affected Versions: Trusted Firmware-M versions prior to 1.4 Description: The issue arises when cleaning up memory allocated for a multi-part cryptographic operation fails, preventing the abort operation in the associated cryptographic library from freeing...

CVSS 7.5 | AI score 7.1 | EPSS 0.01774
Exploits: 1 | References: 8

PyPA
added 2021/05/14 8:15 p.m. | 3 views

PYSEC-2021-217

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

CVSS 5.5 | AI score 7 | EPSS 0.00189
Exploits: 1 | References: 2 | Affected Software: 1

Debian CVE
added 2021/05/14 7:12 p.m. | 2 views

CVE-2021-29531

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...

CVSS 5.5 | AI score 7 | EPSS 0.00189
Exploits: 1

Intel
added 2021/05/11 12:0 a.m. | 58 views

2019.2 IPU – TSX Asynchronous Abort Advisory

Summary: A potential security vulnerability in TSX Asynchronous Abort TAA for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11135 Description: TSX Asynchronous Abort...

CVSS 6.5 | AI score 6.4 | EPSS 0.03133
Exploits: 0

Tenable Nessus
added 2021/03/10 12:0 a.m. | 37 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : freerdp Multiple Vulnerabilities (NS-SA-2021-0047)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freerdp packages installed that are affected by multiple vulnerabilities: - In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a...

CVSS 8 | AI score 6.6 | EPSS 0.02653
Exploits: 9 | References: 26

BDU FSTEC
added 2021/03/02 12:0 a.m. | 2 views

The vulnerability of the SpeechRecognizerImpl::Abort function in Google Chrome web browser allows a hacker to trigger a service failure.

The vulnerability of the SpeechRecognizerImpl::Abort function in Google Chrome web browsers is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure through a specially created HTML page...

CVSS 9.3 | AI score 7.3 | EPSS 0.01188
Exploits: 1 | References: 6 | Affected Software: 4

Tenable Nessus
added 2021/02/01 12:0 a.m. | 258 views

CentOS 8 : virt:rhel (CESA-2020:0279)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:0279 advisory. - hw: TSX Transaction Asynchronous Abort TAA CVE-2019-11135 Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVSS 6.5 | AI score 7.3 | EPSS 0.03133
Exploits: 0 | References: 2

Tenable Nessus
added 2021/01/20 12:0 a.m. | 64 views

EulerOS 2.0 SP3 : libexif (EulerOS-SA-2021-1083)

According to the versions of the libexif package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...

CVSS 8.8 | AI score 7.3 | EPSS 0.04442
Exploits: 0 | References: 5

RedHat Linux
added 2020/11/04 1:25 a.m. | 5 views

freerdp: out-of-bounds read could result in aborting the session

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0...

CVSS 3.5 | AI score 5.7 | EPSS 0.0185
Exploits: 1 | References: 4

Tenable Nessus
added 2020/10/30 12:0 a.m. | 29 views

EulerOS 2.0 SP5 : libexif (EulerOS-SA-2020-2251)

According to the versions of the libexif package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...

CVSS 8.8 | AI score 7.3 | EPSS 0.04442
Exploits: 0 | References: 5

OSV
added 2020/10/01 7:15 p.m. | 0 views

DEBIAN-CVE-2020-15669

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.12 and...

CVSS 8.8 | AI score 8.2 | EPSS 0.01106
Exploits: 0 | References: 1

OSV
added 2020/10/01 7:15 p.m. | 0 views

UBUNTU-CVE-2020-15669

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.12 and...

CVSS 8.8 | AI score 7.3 | EPSS 0.01106
Exploits: 0 | References: 5

RedHat Linux
added 2020/09/29 8:15 p.m. | 2 views

freerdp: out-of-bounds read could result in aborting the session

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0...

CVSS 3.5 | AI score 5.7 | EPSS 0.0185
Exploits: 1 | References: 4

PyPA
added 2020/09/25 7:15 p.m. | 5 views

PYSEC-2020-314

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

CVSS 5.9 | AI score 7 | EPSS 0.00795
Exploits: 1 | References: 3 | Affected Software: 1

PyPA
added 2020/09/25 7:15 p.m. | 5 views

PYSEC-2020-122

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

CVSS 5.9 | AI score 7 | EPSS 0.00795
Exploits: 1 | References: 3 | Affected Software: 1