CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

CVE-2022-23583

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

Elfloader - An Architecture-Agnostic ELF File Flattener For Shellcode

elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this with Rust and now you can write your shellcode in a proper, safe, high-level language. Any target that LLVM can target can be used, including custom target specifications for real...

PT-2022-16100 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This...

The vulnerability of the stab_xcoff_builtin_type function in the GNU Binary Utilities toolset, related to writing beyond buffer boundaries, allows an attacker to execute arbitrary code.

The vulnerability of the stabxcoffbuiltintype function in the GNU Binary Utilities binutils toolset is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software

An ongoing search engine optimization SEO poisoning attack campaign has been observed abusing trust in legitimate software utilities to trick users into downloading BATLOADER malware on compromised machines. "The threat actor used 'free productivity apps installation' or 'free software developmen...

curl: Binary output bypass

Binary output check bypass Summary: When curl outputs content, it checks for binary output. If the output is large enough, it bypasses the check for binary output. This can mess with the terminal. Steps To Reproduce: 1. Setup a server of your choice. 2. Create a function f with these arguments:...

NVIDIA Virtual GPU Manager Installed

Binary data nvidiavgpumanagerinstalled.nbin...

Design/Logic Flaw

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

CVE-2022-23597 Remote program execution with user interaction

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

ManageEngine Network Configuration Manager (NCM) Detection

Binary data manageenginencmdetect.nbin...

ROS-20220125-16

A vulnerability in the GNU Binary Utilities toolkit binutils is related to a boundary error in the stabxcoffbuiltintype function in stabs.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to initiate unauthorized writing and execution of arbitrary code on the target...

Element Desktop 资源管理错误漏洞

Element Desktop is an open source Matrix client for the Element Web-centered desktop platform from Element. A resource management error vulnerability exists in Element Desktop that can be exploited by an attacker to specify the path to a binary file on the victim's computer...

ROS-20220128-01

The vulnerability in the Polkit library for UNIX-like operating systems is related to improper handling of the number of call parameters in the pkexec setuid binary, which causes the binary to executes environment variables as commands. Exploitation of the vulnerability could allow an attacker to...

CVE-2021-40419

A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...

Reolink Rlc-410W Access Control Error Vulnerability

Reolink Rlc-410W is a Wifi security camera from Reolink China.The Reolink RLC-410W in version v3.0.0.13620121102 is vulnerable to an access control error that stems from the device's factory binary not properly restricting access to resources from unauthorized roles. An attacker could exploit the...

PT-2022-11240 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A firmware update issue exists in the 'factory' binary, allowing an attacker to perform arbitrary firmware updates by sending a specially-crafted series of network requests. This can be...

Mageia: Security Advisory (MGASA-2014-0537)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0112)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...