
7653 matches found

Tenable Nessus
added 2022/02/07 12:00 a.m. | 25 views

Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6083)

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

CVSS 7.5 | AI score 7.2 | EPSS 0.03454
Exploits 1 | References 4

NVD
added 2022/02/04 11:15 p.m. | 15 views

CVE-2022-22723

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

CVSS 8.8 | EPSS 0.02822
Exploits 0 | References 1

Prion
added 2022/02/04 11:15 p.m. | 21 views

Heap overflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

CVSS 5.5 | AI score 7.8 | EPSS 0.00858
Exploits 1 | References 3 | Affected Software 1

OSV
added 2022/02/04 11:15 p.m. | 16 views

PYSEC-2022-156

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

CVSS 8.1 | AI score 3.5 | EPSS 0.00858
Exploits 1 | References 3

Cvelist
added 2022/02/04 10:32 p.m. | 31 views

CVE-2022-23592 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

CVSS 8.1 | AI score 8.2 | EPSS 0.00858
Exploits 1 | References 3

OSV
added 2022/02/04 10:32 p.m. | 20 views

CVE-2022-23592 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

CVSS 8.1 | AI score 7.9 | EPSS 0.00858
Exploits 1 | References 5

Cvelist
added 2022/02/04 10:29 p.m. | 19 views

CVE-2022-22725

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

AI score 9.1 | EPSS 0.02789
Exploits 0 | References 1

Positive Technologies
added 2022/02/04 12:00 a.m. | 3 views

PT-2022-16109 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The type inference in TensorFlow can cause a heap out of bounds read due to inadequate bounds checking, which is done in a DCHECK that is a no-op during production. An attacker can manipulate the input id...

CVSS 8.1 | AI score 7.8 | EPSS 0.00858
Exploits 1 | References 12

NVD
added 2022/02/03 12:15 p.m. | 27 views

CVE-2022-23568

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

CVSS 6.5 | EPSS 0.008
Exploits 1 | References 4

Ubuntu
added 2022/02/03 4:13 a.m. | 120 views

USN-5266-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Luo Likang discovered that the FireDTV Firewire...

CVSS 7.2 | AI score 7.4 | EPSS 0.05918
Exploits 2

OSV
added 2022/02/03 4:13 a.m. | 6 views

USN-5266-1 linux-gke, linux-gke-5.4 vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Luo Likang discovered that the FireDTV Firewire...

CVSS 7.2 | AI score 7.1 | EPSS 0.05918
Exploits 2 | References 3

OpenVAS
added 2022/02/03 12:00 a.m. | 29 views

Ubuntu: Security Advisory (USN-5268-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.9 | AI score 7.8 | EPSS 0.06902
Exploits 2 | References 2

Redos
added 2022/02/01 12:00 a.m. | 53 views

ROS-20220128-03

A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to unmount other users' filesystem...

CVSS 5.5 | AI score 6.1 | EPSS 0.00634
Exploits 4

OpenVAS
added 2022/01/28 12:00 a.m. | 20 views

Mageia: Security Advisory (MGASA-2017-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 8.7 | EPSS 0.04901
Exploits 0 | References 4

OpenVAS
added 2022/01/28 12:00 a.m. | 20 views

Mageia: Security Advisory (MGASA-2015-0115)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 9.7 | EPSS 0.03677
Exploits 0 | References 8

OpenVAS
added 2022/01/28 12:00 a.m. | 25 views

Mageia: Security Advisory (MGASA-2015-0091)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.8 | AI score 6.7 | EPSS 0.03269
Exploits 1 | References 4

Tenable Nessus
added 2022/01/28 12:00 a.m. | 57 views

Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5255-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5255-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...

CVSS 9.3 | AI score 7.1 | EPSS 0.07617
Exploits 1 | References 8

CNVD
added 2022/01/26 12:00 a.m. | 22 views

WordPress Simple Download Monitor plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in versions of the WordPress plugin Simple Download Monitor prior to 3.9.9, which...

CVSS 6.8 | AI score 3.2 | EPSS 0.0063
Exploits 2 | Affected Software 1

BDU FSTEC
added 2022/01/25 12:00 a.m. | 5 views

A vulnerability in the firmware of NETGEAR XR1000 Wi-Fi routers stems from insufficient checking of the arguments passed in commands, allowing attackers to execute arbitrary commands.

The vulnerability in the firmware of NETGEAR XR1000 Wi-Fi routers is related to insufficient checking of the arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 9.6 | AI score 8 | EPSS 0.00822
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2022/01/25 12:00 a.m. | 12 views

The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files. The PDFTron SDK is software for modeling, designing, and drafting in AutoCAD. This vulnerability relates to errors in the mechanism for checking path searching for dynamically attached libraries, allowing a perpetrator to execute arbitrary code.

The vulnerability in the library for viewing, printing, rendering, creating, and processing PDF files is related to errors in the mechanism for checking the path to dynamically linked libraries (DLLs). Exploiting this vulnerability allows a malicious actor to execute arbitrary code by opening a...

CVSS 10 | AI score 7.6 | EPSS 0.01437
Exploits 0 | References 6 | Affected Software 13