7653 matches found
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6083)
An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
CVE-2022-22723
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
Heap overflow
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...
PYSEC-2022-156
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...
CVE-2022-23592 Out of bounds read in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...
CVE-2022-23592 Out of bounds read in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
PT-2022-16109 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The type inference in TensorFlow can cause a heap out of bounds read due to inadequate bounds checking, which is done in a DCHECK that is a no-op during production. An attacker can manipulate the input id...
CVE-2022-23568
Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...
USN-5266-1: Linux kernel (GKE) vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...
USN-5266-1 linux-gke, linux-gke-5.4 vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...
Ubuntu: Security Advisory (USN-5268-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROS-20220128-03
A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to, unmount other users' filesystem...
Mageia: Security Advisory (MGASA-2017-0241)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0115)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0091)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5255-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5255-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...
WordPress Simple Download Monitor plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions prior to Wordpress Plugin Simple Download Monitor 3.9.9, which...
The vulnerability of NETGEAR XR1000 Wi-Fi routers’ microprogramming software lies in insufficient checking of the arguments passed in commands, allowing attackers to execute arbitrary commands.
The vulnerability of NETGEAR XR1000 Wi-Fi routers’ microprogramming software is related to insufficient testing of the arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files. The PDFTron SDK is software for modeling, designing, and drafting in AutoCAD. This vulnerability relates to errors in the mechanism for checking path searching for dynamically attached libraries, allowing a perpetrator to execute arbitrary code.
The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files is related to errors in the mechanism for checking the path to dynamically linked libraries DLLs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by opening a...