EUVD-2021-26037

Malware in sbrugna...

CVE-2017-8401

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function pngload in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS...

CVE-2021-37664

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to BoostedTreesSparseCalculateBestFeatureSplit. The implementation needs to validate that...

CVE-2021-39680

In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PUB-A-197965864

In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-37655

CVE-2021-37655 describes a heap-based read out of bounds in TensorFlow caused by incomplete validation when updating a resource with tf.raw_ops.ResourceScatterUpdate. The issue stems from validating the relationship between the shapes of indices and updates (only divisibility checked instead of p...

ALPINE-CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...