Lucene search
K

7041 matches found

RedhatCVE
RedhatCVE
added 2022/05/20 10:57 p.m.32 views

CVE-2021-46052

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate...

5.5CVSS3.3AI score0.00703EPSS
Exploits6References1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.3 views

Google TensorFlow输入验证错误漏洞

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to integer overflow in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates from tf.rawops. SpaceToBatchND has an integer overflow problem. An attacker could use this...

5.5CVSS5.7AI score0.00332EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.3 views

PT-2022-19461 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: TensorFlow is an open source platform for machine learning. The macros that TensorFlow us...

5.5CVSS5.3AI score0.00385EPSS
Exploits1References16
NVD
NVD
added 2022/05/19 10:15 a.m.15 views

CVE-2022-1183

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS DoT and DNS over HTTPS DoH, bu...

7.5CVSS0.04531EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/05/19 9:55 a.m.19 views

CVE-2022-1183 Destroying a TLS session early causes assertion failure

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS DoT and DNS over HTTPS DoH, bu...

7.5CVSS7.6AI score0.04531EPSS
Exploits0References2
CVE
CVE
added 2022/05/19 9:55 a.m.197 views

CVE-2022-1183

CVE-2022-1183 describes an assertion-failure termination in the named daemon on vulnerable BIND configurations that reference http in listen-on statements. Affected are BIND 9.18.0–9.18.2 and BIND 9.19.0 (development branch); configurations using DoT are unaffected, while DoT/DoH deployments may ...

7.5CVSS7.3AI score0.04531EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/05/18 12:0 a.m.26 views

CVE-2022-1183

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS DoT and DNS over HTTPS DoH, bu...

7.5CVSS7.1AI score0.04531EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.34 views

ISC BIND 9.18.0 < 9.18.3 Assertion Failure (cve-2022-1183)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-1183 advisory. - An assertion failure can be triggered if a TLS connection to a configured http TLS listener with a defined endpoint is...

7.5CVSS7.3AI score0.04531EPSS
Exploits0References2
OSV
OSV
added 2022/05/13 1:9 a.m.3 views

GHSA-GW5J-77F9-V2G2 Loop with Unreachable Exit Condition in Apache CXF

The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service infinite loop via a crafted SAML token in the authorization header of a request to a JAX-RS service...

5CVSS7.2AI score0.07177EPSS
Exploits0References14
OSV
OSV
added 2022/05/13 1:1 a.m.2 views

GHSA-66RX-GQX3-P98M Improper Authentication in Apache Axis2

Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418...

6.4CVSS7.2AI score0.05089EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:1 a.m.51 views

Improper Authentication in Apache Axis2

Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418...

6.4CVSS6.2AI score0.05089EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2022/05/13 12:0 a.m.22 views

libsixel img2sixel Denial of Service Vulnerability (CNVD-2022-77874)

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. libsixel img2sixel version 1.8.6 is vulnerable to a denial-of-service vulnerability, which stems from an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 . A...

4.3CVSS5.9AI score0.0097EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2022/05/12 11:6 a.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via an assertion failure in the stbijpeghuffdecode function, due to a crafted JPEG file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...

7.5CVSS6.9AI score0.0097EPSS
Exploits1References2
NVD
NVD
added 2022/05/11 2:15 p.m.20 views

CVE-2022-29977

There is an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

6.5CVSS0.0097EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/05/11 2:15 p.m.28 views

CVE-2022-29977

There is an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

6.5CVSS6.6AI score0.0097EPSS
Exploits1References2
Prion
Prion
added 2022/05/11 2:15 p.m.19 views

Authentication flaw

There is an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

4.3CVSS6.2AI score0.0097EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/11 1:10 p.m.72 views

CVE-2022-29977

CVE-2022-29977 affects libsixel img2sixel 1.8.6. The vulnerability is an assertion failure in stbi__jpeg_huff_decode (stb_image.h:1894) that enables remote-denial-of-service via a crafted JPEG file. The provided documents do not specify patched versions or remediation steps.

6.5CVSS6.2AI score0.0097EPSS
Exploits1References1Affected Software1
MongoDB
MongoDB
added 2022/05/11 12:0 a.m.60 views

MongoDB Server (mongod) may crash in response to unexpected requests

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

6.5CVSS4.2AI score0.0084EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.31 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Vulnerability (NS-SA-2022-0041)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by a vulnerability: - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Editio...

6.5CVSS7.4AI score0.0594EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.50 views

NewStart CGSL MAIN 6.02 : unbound Multiple Vulnerabilities (NS-SA-2022-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has unbound packages installed that are affected by multiple vulnerabilities: - DISPUTED Unbound before 1.9.5 allows an integer overflow in the regional allocator via regionalalloc. NOTE: The vendor disputes that this is a vulnerability...

9.8CVSS7.3AI score0.02179EPSS
Exploits0References23
Rows per page
Query Builder