7041 matches found
CVE-2022-31620
In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...
CVE-2022-31620
In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...
`CHECK` failure in depthwise ops via overflows
Impact The implementation of depthwise ops in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor: python import tensorflow as tf input = tf.constant1, shape=1, 4, 4, 3, dtype=tf.float32 filtersizes =...
CVE-2022-31651
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
CVE-2022-31651
SoX 14.4.2 contains an assertion failure in rate_init (rate.c in libsox.a). Affected component is SoX itself; the root cause is an assertion failure leading to abnormal termination (crash). Public advisories link this CVE to denial-of-service-like outcomes in some summaries; multiple CSPs indicat...
PT-2022-20875 · Libjpeg +1 · Libjpeg +1
Name of the Vulnerable Software and Affected Versions: libjpeg versions prior to 1.64 Description: The issue is related to an assertion failure in BitStream::Get in bitstream.hpp, which may cause denial of service. This occurs due to out-of-bounds array access during specific scan modes, includin...
libjpeg 缓冲区错误漏洞
libjpeg is a library written entirely in C that contains widely used implementations of JPEG decoding, JPEG encoding, and other JPEG functionality. libjpeg versions prior to 1.64 contain a denial-of-service vulnerability that stems from an assertion failure in BitStream in bitstream.hpp, which ca...
CVE-2022-31651
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
SoX 输入验证错误漏洞
SoX is a set of audio processing tools. SoX version 14.4.2 contains a denial of service vulnerability that results from an assertion failure in rateinit in rate.c in libsox.a. The vulnerability can be exploited to cause a denial of service. An attacker could exploit this vulnerability to cause a...
PT-2022-6491 · Sox +4 · Sox +4
Name of the Vulnerable Software and Affected Versions: SoX version 14.4.2 Description: The issue is related to an assertion failure in the rate init function within the rate.c component of the SoX audio editor. This failure is due to insufficient use of the assert function. Exploitation of this...
CVE-2022-31651
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
CVE-2022-31261
An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker ca...
Google TensorFlow integer overflow vulnerability (CNVD-2022-44166)
Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to integer overflow in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates from tf.rawops. SpaceToBatchND has an integer overflow problem. An attacker could use this...
CVE-2022-29209
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...
Type confusion
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...
Google TensorFlow安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from incorrect logic when comparing sizet when writi...
CVE-2022-29209 Type confusion leading to `CHECK`-failure based denial of service in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...
CVE-2022-29209
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2021-38385
Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007...