216 matches found
CVE-2022-21739 Null pointer dereference in TensorFlow
Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...
kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them...
CVE-2021-21814
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strlen to determine the ending location of the char passed in by the user, no checks are done to see if the passed in char is longer th...
CVE-2021-23399
This affects all versions of package wincred. If attacker-controlled user input is given to the getCredential function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
Heap overflow
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor. This is because the...
Prototype Pollution in simpl-schema
This affects the package simpl-schema before 1.10.2. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding application...
CVE-2020-12122
In Max Secure Max Spyware Detector 1.0.0.044, the driver file MaxProc64.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. This also extends to the various other products from Max Secure...
CVE-2020-9014
In Epson iProjection v2.30, the driver file EMPNSAU.sys allows local users to cause a denial of service BSOD via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected...
CVE-2021-21447
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by User who views the relevant application content, which leads to Stored...
CVE-2021-21447
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by User who views the relevant application content, which leads to Stored...
Cross site scripting
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by User who views the relevant application content, which leads to Stored...
CVE-2021-21447
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by User who views the relevant application content, which leads to Stored...
CVE-2021-21447
CVE-2021-21447 affects SAP BusinessObjects BI Platform 4.1/4.2 (versions 4.1 < SP12 P9, 4.2 < SP8 P5 or
CVE-2020-26270
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
CHECK-fail in LSTM with zero-length input in TensorFlow
Impact Running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. Patches We have patched the...
Jingyun Antivirus Input Validation Error Vulnerability
Jingyun Antivirus is an anti-virus, real-time protection, proactive defense anti-virus engine for personal terminal devices from China Jingyun Company. A security vulnerability exists in Jingyun Antivirus version v2.4.2.39, which stems from a failure to validate an input value from IOCtl...
chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer.
...
CVE-2020-9239
Huawei smartphones BLA-A09 versions 8.0.0.123C212,versions earlier than 8.0.0.123C567,versions earlier than 8.0.0.123C797;BLA-TL00B versions earlier than 8.1.0.326C01;Berkeley-L09 versions earlier than 8.0.0.163C10,versions earlier than 8.0.0.163C432,Versions earlier than 8.0.0.163C636,Versions...
CVE-2020-9239
Huawei smartphones BLA-A09 versions 8.0.0.123C212,versions earlier than 8.0.0.123C567,versions earlier than 8.0.0.123C797;BLA-TL00B versions earlier than 8.1.0.326C01;Berkeley-L09 versions earlier than 8.0.0.163C10,versions earlier than 8.0.0.163C432,Versions earlier than 8.0.0.163C636,Versions...
Design/Logic Flaw
Huawei smartphones BLA-A09 versions 8.0.0.123C212,versions earlier than 8.0.0.123C567,versions earlier than 8.0.0.123C797;BLA-TL00B versions earlier than 8.1.0.326C01;Berkeley-L09 versions earlier than 8.0.0.163C10,versions earlier than 8.0.0.163C432,Versions earlier than 8.0.0.163C636,Versions...