Authentication Bypass by Primary Weakness

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the SOAP API due to improper type checking on the password parameter. An attacker can gain unauthorized access to user accounts by sending a crafted...

CVE-2023-52762 virtio-blk: fix implicit overflow on virtio_max_dma_size

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtiomaxdmasize The following codes have an implicit conversion from sizet to u32: u32maxsize = sizetvirtiomaxdmasizevdev; This may lead overflow, Ex sizet4G - u320. Once virtiomaxdmasize has...

BIT-TENSORFLOW-2021-41202 Overflow/crash in `tf.range`

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

Feathers socket handler allows abusing implicit toString

Impact Feathers socket handler did not catch invalid string conversion errors like: ts const message = $ toString: '' Causing the NodeJS process to crash when sending an unexpected Socket.io message like ts socket.emit'find', toString: '' Patches A fix has been released in - v5.0.8 via 3241 -...

Overflow/crash in `tf.range`

Impact While calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition will be cast to double and the result would be truncated before the...

Design/Logic Flaw

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

CVE-2021-41202 Overflow/crash in `tf.range`

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

Crash caused by integer conversion to unsigned

Impact An attacker can cause a denial of service in boostedtreescreatequantilestreamresource by using negative arguments: python import tensorflow as tf from tensorflow.python.ops import genboostedtreesops import numpy as np v= tf.Variable0.0, 0.0, 0.0, 0.0, 0.0...

Integer overflow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boostedtreescreatequantilestreamresource by using negative arguments. The implementation does not validate that numstreams only contains non-negative numbers. I...

OSV-2020-1531 Segv on unknown address in clang::Sema::PerformImplicitConversion

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19621 Crash type: Segv on unknown address Crash state: clang::Sema::PerformImplicitConversion clang::Sema::PerformImplicitConversion clang::Sema::PerformContextuallyConvertToBool...

An error during signature verification can be treated as a successful verification.

Security update for signature validation on LogoutRequest/LogoutResponse. In order to verify Signatures on Logoutrequests and LogoutResponses we use the verifySignature of the class XMLSecurityKey from the xmlseclibs library. That method end up calling opensslverify depending on the signature...

Discover MaosinCMS website system vulnerability testing-vulnerability warning-the black bar safety net

The recent move easy CMS vulnerability can be said to really was a fire, this article written by CMS although there is no move-powerful, but also the presence of injection vulnerabilities. This vulnerability with the tool is swept less than, can be said that the injection has been made by explici...