PYSEC-2021-395

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

GHSA-GX73-2498-R55C Unsound casting in flatbuffers

The implementation of impl Follow for bool allows to reinterpret arbitrary bytes as a bool. In Rust bool has stringent requirements for its in-memory representation. Use of this function allows to violate these requirements and invoke undefined behaviour in safe code...

SUSE: Security Advisory (SUSE-SU-2014:1624-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IBM Spectrum Scale 安全漏洞

IBM Spectrum Scale is a high-performance shared disk file management solution that gives you fast, reliable access to data from multiple servers. A log casting vulnerability exists in IBM Spectrum Scale 5.0.0 - 5.0.5.4, 5.1.0. A local user can exploit this vulnerability to impact support and...

Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free

The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...

CVE-2020-27764

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator where a sizet cast should have been a ssizet cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity...

CVE-2020-27764

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator where a sizet cast should have been a ssizet cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick...

Code Execution Vulnerability in Shanghai Shield Information Technology Co.

Fast Screen Casting for PC is a cell phone, computer and TV screen casting software developed by Shanghai Shield Information Technology Co. Ltd. Fast Cast Screen has a code execution vulnerability that can be exploited by an attacker to execute an executable program containing arbitrary code duri...

Code execution vulnerability in LePlay casting screen of Shenzhen LePlay Technology Co.

LePlay Casting, is a multi-screen interactive tool that connects mobile devices cell phones, tablets, etc. with large-screen terminals TVs, boxes, projectors, VR and other smart devices. Shenzhen Lecast Technology Co., Ltd. Lecast cast screen code execution vulnerability, an attacker can use the...

Code execution vulnerability exists in LePlay casting screen of Shenzhen LePlay Technology Co. Ltd (CNVD-2020-59427)

LePlay Casting, is a multi-screen interactive tool that connects mobile devices cell phones, tablets, etc. with large-screen terminals TVs, boxes, projectors, VR and other smart devices. Shenzhen Lecast Technology Co., Ltd. Lecast cast screen code execution vulnerability, an attacker can use the...

CVE-2019-2194

In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Input validation

In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2019-2194

In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

DEBIAN-CVE-2020-25576

An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...

UBUNTU-CVE-2020-25576

An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...

Denial Of Service (DoS)

freerdp is vulnerable to denial of service DoS. The vulnerability exists in FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected...

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. Mitigation Do not run the freerdp client with the +glyph-cache and /relax-order-checks options...

CWA for Android: Workspace App crashes when you hit try to cast using a Workspace Hub.

This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information. CWA for Android crashes with following trace when attempted to cast using Hub. Casting is successful...

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...