glib: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink

An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is...

Red Hat Ceph 安全漏洞

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure based on POSIX Portable Operating System Interface, enabling fault-tolerant and seamless replication of data. A...

GHSA-32VJ-V39G-JH23 spring-security-oauth2-client vulnerable to Privilege Escalation

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

UBUNTU-CVE-2022-31690

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by Liberty for Java for IBM Cloud

Summary There are multiple vulnerabilities in the HTTP/2 implementation that is used by WebSphere Application Server Liberty. This affects the servlet-4.0 and servlet-3.1 features. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2019-9515 DESCRIPTION: Some HTTP/2...

Malicious code in com.meta.xr.sdk.empty (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5e176fd9c7eeccf86b6d27ce925141cb71fe32a6454ccd43e17ada8bfda1b25f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

The vulnerability of the spell_iswordp() function in the spell.c component of the Vim text editor allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the spelliswordp function in the spell.c component of the Vim text editor is related to the lack of checks for empty prewords. Exploiting this vulnerability allows a malicious user to access confidential data, compromise its integrity, and even cause service failures...

aat-downloader (>=0.0.1 <=0.0.3), audittracker (=0.4.0) +30 more potentially affected by CVE-2022-39227 via python-jwt (>=2.0.1 <=3.3.0)

python-jwt PYPI version =2.0.1, =0.0.1, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.3, =3.0.27, =0.0.4, =1.0.0, =1.0.6, =0.0.1, =0.5.0 and more Source cves: CVE-2022-39227 Source advisory: OSV:GHSA-5P8V-58QM-C7FP...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists Compute function of convgradinputops.h because the CPU/GPU kernels are not properly handled for empty outbackprop inputs which allows an attacker to cause an application crash by sending malicious inputs...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference in ImportGenericFunction of functiondefimport.cc because mlir doesn't disallow empty function attributes which allows an attacker to cause an application crash...

PT-2022-34084 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.137 Description: The issue is related to a potential panic in the dl cpu busy function due to an empty cs-cpus allowed. The actual impact and attack plausibility have not yet been proven. Recommendations:...

CVE-2022-36012

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...

CVE-2022-35996

TensorFlow is an open source platform for machine learning. If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue ...

CVE-2022-36000

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...

CVE-2022-36011

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

GHSA-WR9V-G9VF-C74V TensorFlow vulnerable to segfault in `RaggedBincount`

Impact If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True splits = tf.random.uniformshape=0, minval=-10000, maxval=10000, dtype=tf.int64, seed=-7430 values =...

GHSA-9VQJ-64PV-W55C TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`

Impact When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf a = tf.constant, shape=0, 1, 1, dtype=tf.float32 tf.linalg.matrixranka=a Patches We have patched the issue in GitHub...

CVE-2022-35999

TensorFlow is an open source platform for machine learning. When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2022-35998

TensorFlow is an open source platform for machine learning. If EmptyTensorList receives an input elementshape with more than one dimension, it gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

GHSA-QXPX-J395-PW36 TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`

Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...