
597 matches found

Positive Technologies
added 2021/09/20 12:0 a.m., 3 views

PT-2022-5232

Name of the Vulnerable Software and Affected Versions SQLite versions 1.0.12 through 3.39.x before 3.39.2 Description The issue is related to an array-bounds overflow in the SQLite API library, which can be triggered by a remote attacker using a long sequence of string data processed by the print...

CVSS: 10 | AI score: 8.1 | EPSS: 0.11431
Exploits: 3 | References: 88

OSV
added 2021/08/27 7:15 p.m., 2 views

DEBIAN-CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.00342
Exploits: 0 | References: 1

OSV
added 2021/08/27 7:15 p.m., 32 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 2.5
Exploits: 0 | References: 6

ATTACKERKB
added 2021/08/27 7:15 p.m., 3 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.00342
Exploits: 0 | References: 10 | Affected Software: 1

OSV
added 2021/08/27 7:15 p.m., 1 views

UBUNTU-CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 6 | EPSS: 0.00342
Exploits: 0 | References: 3

CVE
added 2021/08/27 6:21 p.m., 158 views

CVE-2021-28699

CVE-2021-28699 affects Xen-based platforms (Citrix Hypervisor and Xen). The issue is an inadequate bounds check in the grant table status path: translation of the grant-status frame numbers can exceed allocated translation space, allowing writes beyond the intended area. Citrix shows this as a ho...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00342
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2021/08/27 6:21 p.m., 29 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

AI score: 6.6 | EPSS: 0.00342
Exploits: 0 | References: 6

Debian CVE
added 2021/08/27 6:21 p.m., 24 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 2.5 | EPSS: 0.00342
Exploits: 0

UbuntuCve
added 2021/08/27 12:0 a.m., 28 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 5.5 | AI score: 6 | EPSS: 0.00342
Exploits: 0 | References: 2

Github Security Blog
added 2021/08/25 8:49 p.m., 23 views

Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr

arr crate contains multiple security issues. Specifically, 1. It incorrectly implements Sync/Send bounds, which allows to smuggle non-Sync/Send types across the thread boundary. 2. Index and IndexMut implementation does not check the array bound. 3. Array::newfromtemplate drops uninitialized memo...

CVSS: 4.7 | AI score: 6.1 | EPSS: 0.00192
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2021/08/25 8:48 p.m., 10 views

GHSA-FHVJ-7F9P-W788 Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr

arr crate contains multiple security issues. Specifically, 1. It incorrectly implements Sync/Send bounds, which allows to smuggle non-Sync/Send types across the thread boundary. 2. Index and IndexMut implementation does not check the array bound. 3. Array::newfromtemplate drops uninitialized memo...

CVSS: 9.8 | AI score: 6.7 | EPSS: 0.01515
Exploits: 0 | References: 4

RedhatCVE
added 2021/08/25 1:5 p.m., 33 views

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVSS: 6.8 | AI score: 2.5 | EPSS: 0.00342
Exploits: 0 | References: 1

NVD
added 2021/08/12 11:15 p.m., 29 views

CVE-2021-37665

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap...

CVSS: 7.8 | EPSS: 0.00185
Exploits: 0 | References: 3

Rosalinux
added 2021/07/02 5:22 p.m., 22 views

Advisory ROSA-SA-2021-1901

Software: libvorbis 1.3.3 OS: Cobalt 7.9 CVE-ID: CVE-2020-20412 CVE-Crit: MEDIUM CVE-DESC: lib/codebook.c in libvorbis before 1.3.6, which was used in StepMania 5.0.12 and other products, has insufficient array bounds checking with the created OGG file. CVE-STATUS: default CVE-REV: default...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.01028
Exploits: 1

OSV
added 2021/06/01 2:15 p.m., 1 views

ALPINE-CVE-2021-32027

A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.02046
Exploits: 0 | References: 1

OSV
added 2021/05/14 8:15 p.m., 24 views

PYSEC-2021-494

TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.rawops.Dilation2DBackpropInput. This is because the...

CVSS: 7.8 | AI score: 0.1 | EPSS: 0.00201
Exploits: 1 | References: 2

Tenable Nessus
added 2021/03/10 12:0 a.m., 35 views

EulerOS Virtualization 3.0.2.6 : libvorbis (EulerOS-SA-2021-1440)

According to the version of the libvorbis package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking v...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.01028
Exploits: 1 | References: 2

OpenVAS
added 2021/03/05 12:0 a.m., 24 views

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2021-1493)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.01028
Exploits: 1 | References: 2

Tenable Nessus
added 2021/03/04 12:0 a.m., 25 views

EulerOS Virtualization 3.0.6.6 : libvorbis (EulerOS-SA-2021-1493)

According to the version of the libvorbis package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking v...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.01028
Exploits: 1 | References: 2

Tenable Nessus
added 2021/01/29 12:0 a.m., 49 views

CentOS 8 : java-1.8.0-openjdk (CESA-2019:1816)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1816 advisory. - OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 - OpenJDK: Insufficient checks of suppressed...

CVSS: 5.8 | AI score: 6.7 | EPSS: 0.04472
Exploits: 0 | References: 7