ROS-20240606-09

A vulnerability in the HTTP2 protocol implementation network/access/http2/hpacktable.cpp of the cross-platform Qt software development framework is related to an integer overflow resulting from a a change in the typical order of expressions in a conditional statement "Yoda conditions". Exploitati...

BIT-TENSORFLOW-2021-41202 Overflow/crash in `tf.range`

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

AuctionDemo::claimAuction() - L105: Logic bug in the conditional statement where the timestamp check should be > instead of >=.

Lines of code Vulnerability details Impact Would enable the winning bidder/bid to be selected WHILE it's still possible to bid higher in the auction. I.e. current comparison logic makes it possible to select auction winner while the auction isnt over yet. there's the risk of the true/valid highes...

AuctionDemo::claimAuction() - L105: Logic bug in the conditional statement where the timestamp check should be > instead of >=.

Lines of code Vulnerability details Impact Would enable the winning bidder/bid to be selected WHILE it's still possible to bid higher in the auction. I.e. current comparison logic makes it possible to select auction winner while the auction isnt over yet. there's the risk of the true/valid highes...

Attacker can steal vault funds through the deposit function.

Lines of code Vulnerability details Impact In the deposit function, a check is made to see if the amount of assets being deposited by the user is greater than the amount of assets the vault currently holds. The vault then transfers the difference between the assets being deposited and the vault’s...

Eve has a Comparison of Incompatible Types that Results in Invalid State

Description A conditional statement that always resolves to False. Proof of Concept // eve/methods/common.py if field in document and documentfield is not None and documentfield is not Always resolves to False : relatedlinks =...

Open Redirect in openwhyd/openwhyd

Description This vulnerability was discovered in Here by @mdakh404. However, it is not patched properly and I bypassed with a simple trick. diff r.html = mainTemplate.renderWhydPager; // call the adequate renderer - if r.redirect response.redirectr.redirect; + if r.redirect...

Overflow/crash in `tf.range`

Impact While calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition will be cast to double and the result would be truncated before the...

Design/Logic Flaw

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

CVE-2021-41202 Overflow/crash in `tf.range`

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

织梦前台任意用户密码修改

常见的弱类型问题 类型转换问题 类型转换是无法避免的问题。例如需要将GET或者是POST的参数转换为int类型，或者是两个变量不匹配的时候，PHP会自动地进行变量转换。但是PHP是一个弱类型的语言，导致在进行类型转换的时候会存在很多意想不到的问题。 数学运算 当php进行一些数学计算的时候 因为 md5's878926199a'=0e545993274517709034328855841020就是0的n次方，所以还是等于0 但是要注意： "0e123456abc"=="0e1dddada"//false 这种返回的是为假 语句条件的松散判断 函数的松散判断...