Lucene search
K

7041 matches found

Debian CVE
Debian CVE
added 2022/05/25 8:6 p.m.38 views

CVE-2022-31620

In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...

6.5CVSS6.4AI score0.01336EPSS
Exploits1
Cvelist
Cvelist
added 2022/05/25 8:6 p.m.22 views

CVE-2022-31620

In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...

6.6AI score0.01336EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/05/25 7:33 p.m.32 views

`CHECK` failure in depthwise ops via overflows

Impact The implementation of depthwise ops in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor: python import tensorflow as tf input = tf.constant1, shape=1, 4, 4, 3, dtype=tf.float32 filtersizes =...

5.5CVSS2.8AI score0.00307EPSS
Exploits1References4Affected Software3
Debian CVE
Debian CVE
added 2022/05/25 12:0 a.m.36 views

CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

5.5CVSS7.5AI score0.01114EPSS
Exploits1
CVE
CVE
added 2022/05/25 12:0 a.m.142 views

CVE-2022-31651

SoX 14.4.2 contains an assertion failure in rate_init (rate.c in libsox.a). Affected component is SoX itself; the root cause is an assertion failure leading to abnormal termination (crash). Public advisories link this CVE to denial-of-service-like outcomes in some summaries; multiple CSPs indicat...

5.5CVSS6.9AI score0.01114EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.6 views

PT-2022-20875 · Libjpeg +1 · Libjpeg +1

Name of the Vulnerable Software and Affected Versions: libjpeg versions prior to 1.64 Description: The issue is related to an assertion failure in BitStream::Get in bitstream.hpp, which may cause denial of service. This occurs due to out-of-bounds array access during specific scan modes, includin...

6.5CVSS6.2AI score0.01336EPSS
Exploits1References11
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

libjpeg 缓冲区错误漏洞

libjpeg is a library written entirely in C that contains widely used implementations of JPEG decoding, JPEG encoding, and other JPEG functionality. libjpeg versions prior to 1.64 contain a denial-of-service vulnerability that stems from an assertion failure in BitStream in bitstream.hpp, which ca...

6.5CVSS5.6AI score0.01336EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/05/25 12:0 a.m.20 views

CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

7.4AI score0.01114EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.3 views

SoX 输入验证错误漏洞

SoX is a set of audio processing tools. SoX version 14.4.2 contains a denial of service vulnerability that results from an assertion failure in rateinit in rate.c in libsox.a. The vulnerability can be exploited to cause a denial of service. An attacker could exploit this vulnerability to cause a...

5.5CVSS5.7AI score0.01114EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.3 views

PT-2022-6491 · Sox +4 · Sox +4

Name of the Vulnerable Software and Affected Versions: SoX version 14.4.2 Description: The issue is related to an assertion failure in the rate init function within the rate.c component of the SoX audio editor. This failure is due to insufficient use of the assert function. Exploitation of this...

10CVSS5.6AI score0.07401EPSS
Exploits19References114
AlpineLinux
AlpineLinux
added 2022/05/25 12:0 a.m.50 views

CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

5.5CVSS7.3AI score0.01114EPSS
Exploits1
OSV
OSV
added 2022/05/24 3:15 p.m.3 views

CVE-2022-31261

An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker ca...

7.5CVSS5.8AI score0.01095EPSS
Exploits0References2
CNVD
CNVD
added 2022/05/24 12:0 a.m.12 views

Google TensorFlow integer overflow vulnerability (CNVD-2022-44166)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to integer overflow in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates from tf.rawops. SpaceToBatchND has an integer overflow problem. An attacker could use this...

5.5CVSS6AI score0.00332EPSS
Exploits1References1
NVD
NVD
added 2022/05/21 12:15 a.m.14 views

CVE-2022-29209

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...

5.5CVSS0.00385EPSS
Exploits1References9
Prion
Prion
added 2022/05/21 12:15 a.m.37 views

Type confusion

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...

2.1CVSS6.1AI score0.00385EPSS
Exploits1References9Affected Software1
CNNVD
CNNVD
added 2022/05/21 12:0 a.m.2 views

Google TensorFlow安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from incorrect logic when comparing sizet when writi...

5.5CVSS5.5AI score0.00385EPSS
Exploits1References10
OSV
OSV
added 2022/05/20 11:25 p.m.23 views

CVE-2022-29209 Type confusion leading to `CHECK`-failure based denial of service in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...

5.5CVSS5.3AI score0.00385EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2022/05/20 11:25 p.m.1 views

CVE-2022-29209

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of t...

5.5CVSS6.9AI score0.00385EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2022/05/20 11:8 p.m.22 views

CVE-2019-11066

openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...

9.8CVSS1.7AI score0.01514EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/05/20 10:59 p.m.25 views

CVE-2021-38385

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007...

7.5CVSS2.3AI score0.01685EPSS
Exploits1References1
Rows per page
Query Builder