482 matches found
Rust Resource Management Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the Rust ordered-float crate before 1.1.1 and 2.x before 2.0.1, which stems from the fact that NotNan values can contain NaN...
adi (>=0.4.0 <=0.6.0), adi_screen (>=0.3.0 <=0.7.0) +167 more potentially affected by CVE-2020-35923 via ordered-float (>=0.2.3 <=1.0.2)
ordered-float CARGO version =0.2.3, =0.4.0, =0.3.0, =0.7.5, =0.6.0, =0.1.0, =0.1.0, =0.1.1, =0.2.0, =3.1.3, =0.1.1, =0.9.0, =0.23.0 and more Source cves: CVE-2020-35923 Source advisory: OSV:RUSTSEC-2020-0082...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS). The vulnerability exists because there are values outside the range of representable values of type float at MagickCore/quantize.c...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS). The vulnerability exists through a flaw in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types float and unsigned char...
DEBIAN-CVE-2020-27767
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types float and unsigned char. This would most likely lead to an impact to application...
CVE-2020-27769
In ImageMagick, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c...
skia:sksl2spirv: Segv on unknown address in std::__1::unique_ptr<SkSL::Expression, std::__1::default_delete<SkSL::Expression
Project: https://skia.googlesource.com/skia.git Detailed Report: https://oss-fuzz.com/testcase?key=6198631948091392 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: sksl2spirv Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State:...
[slackware-security] openvpn
New openvpn packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openvpn-2.4.9-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Fix illegal client float. Thanks to Le...
FreeBSD : openvpn -- illegal client float can break VPN session for other users (8604121c-7fc2-11ea-bcac-7781e90b0c8f)
Lev Stipakov and Gert Doering report: There is a time frame between allocating peer-id and initializing data channel key which is performed on receiving push request or on async push-reply in which the existing peer-id float checks do not work right. If a 'rogue' data channel packet arrives duri...
openvpn -- illegal client float can break VPN session for other users
Lev Stipakov and Gert Doering report: There is a time frame between allocating peer-id and initializing data channel key which is performed on receiving push request or on async push-reply in which the existing peer-id float checks do not work right. If a "rogue" data channel packet arrives durin...
Regular Expression Denial Of Service (ReDoS)
papaparse is vulnerable to regular expression denial of service (ReDoS). The vulnerability exists through the FLOAT regex used in papaparse.js...
Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...
Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...
Google Chrome 80 JSCreate Side-Effect Type Confusion Exploit
This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw...
FileZilla: FileZilla 3.46.3 - 'Scale factor' Buffer Overflow
Summary: FileZilla in has a problem in the "Scale Factor" field is vulnerable to a Buffer Over Flow attack or a denial attack. Adding random characters in an entry that must accept only Float input type values. Steps To Reproduce: A python file of name generatepaste.py was generated for the...
PYSEC-2020-258
In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...
GHSA-977J-XJ7Q-2JR9 Segmentation fault in TensorFlow when converting a Python string to `tf.float16`
Impact Converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which...
CVE-2020-5215
In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...
PT-2020-18311 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.1 TensorFlow versions prior to 2.0.1 Description: Converting a string to a tf.float16 value results in a segmentation fault in eager mode, as format checks for this use case are only in graph mode. This issue...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...