
143 matches found

Cvelist
added 2023/03/20 8:16 p.m. · 17 views

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVSS 8.1 · AI score 9.7 · EPSS 0.16807
Exploits 1 · References 1
Talos
added 2023/03/20 12:0 a.m. · 40 views

WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability

Talos Vulnerability Report TALOS-2022-1674: WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability. March 20, 2023. CVE Number: CVE-2022-43663. Summary: An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian...

CVSS 9.8 · AI score 9 · EPSS 0.16807
Exploits 1
CNNVD
added 2023/03/20 12:0 a.m. · 2 views

WellinTech KingHistorian code issue vulnerability

WellinTech KingHistorian is a tool for data collection and analysis from WellinTech. A security vulnerability exists in WellinTech KingHistorian version 35.01.00.05, which stems from the presence of an integer conversion vulnerability that could be exploited by an attacker to cause a buffer...

CVSS 9.8 · AI score 8.8 · EPSS 0.16807
Exploits 1 · References 4
SUSE CVE
added 2023/02/15 4:45 a.m. · 2 views

SUSE CVE-2017-9199

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19...

CVSS 9.8 · AI score 9.4 · EPSS 0.00397
Exploits 0 · References 3
Positive Technologies
added 2022/10/18 12:0 a.m. · 3 views

PT-2022-6861

Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0. Description: The issue is related to an error in integer value conversion in the Security component of Oracle...

CVSS 5.3 · AI score 6.6 · EPSS 0.00199
Exploits 0 · References 311
Veracode
added 2022/10/12 3:55 a.m. · 21 views

Arbitrary Code Execution

hermes-engine is vulnerable to arbitrary code execution. The vulnerability exists due to an integer conversion error in the library, which performs out-of-bounds operations and subsequently executes arbitrary code, resulting in an application crash...

CVSS 9.8 · AI score 9.4 · EPSS 0.01219
Exploits 0 · References 4 · Affected Software 1
ATTACKERKB
added 2022/10/11 2:15 a.m. · 2 views

CVE-2022-40138

An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...

CVSS 9.8 · AI score 7.6 · EPSS 0.01219
Exploits 0 · References 3
OSV
added 2022/10/11 2:15 a.m. · 12 views

CVE-2022-40138

An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...

CVSS 9.8 · AI score 7.6 · EPSS 0.01219
Exploits 0 · References 2
NVD
added 2022/10/11 2:15 a.m. · 12 views

CVE-2022-40138

An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...

CVSS 9.8 · EPSS 0.01219
Exploits 0 · References 2
Prion
added 2022/10/11 2:15 a.m. · 23 views

Design/Logic Flaw

An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...

CVSS 7.5 · AI score 9.7 · EPSS 0.01219
Exploits 0 · References 2 · Affected Software 1
CVE
added 2022/10/11 12:0 a.m. · 53 views

CVE-2022-40138

CVE-2022-40138 affects Hermes, the JavaScript engine used by React Native. The issue is an integer conversion error in Hermes bytecode generation (before commit 6aa825e480d48127b480b08d13adf70033237097) that could allow out-of-bounds operations and arbitrary code execution when untrusted JavaScri...

CVSS 9.8 · AI score 9.8 · EPSS 0.01219
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2022/10/10 12:0 a.m. · 3 views

PT-2022-5008 · Facebook · Hermes

Name of the Vulnerable Software and Affected Versions: Hermes versions prior to commit 6aa825e480d48127b480b08d13adf70033237097 Description: The issue is related to an integer conversion error in Hermes bytecode generation. This error could be used to perform Out-Of-Bounds operations and...

CVSS 9.8 · AI score 9.6 · EPSS 0.01219
Exploits 0 · References 6
OSV
added 2022/09/16 11:4 a.m. · 1 views

OESA-2022-1921 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C+...

CVSS 7.5 · AI score 8.4 · EPSS 0.00384
Exploits 0 · References 2
CNNVD
added 2022/09/05 12:0 a.m. · 2 views

Python code issue vulnerability

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. Python has a security vulnerability that can be exploited by an attacker to trigger a denial of service by...

CVSS 7.5 · AI score 7.3 · EPSS 0.00384
Exploits 0 · References 64
OSV
added 2021/11/18 9:50 p.m. · 5 views

MGASA-2021-0511 Updated python-django-filter packages fix security vulnerability

In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from malicious input using exponential format with sufficiently large exponents...

CVSS 7.5 · AI score 7.5 · EPSS 0.00235
Exploits 0 · References 3
Ubuntu
added 2021/09/13 9:12 a.m. · 130 views

LSN-0081-1: Kernel Live Patch Security Notice

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. CVE-2021-3653 Maxim...

CVSS 8.8 · AI score 7.4 · EPSS 0.85239
Exploits 28
GitHub Security Blog
added 2021/08/25 2:42 p.m. · 39 views

Crash caused by integer conversion to unsigned

Impact An attacker can cause a denial of service in boostedtreescreatequantilestreamresource by using negative arguments: python import tensorflow as tf from tensorflow.python.ops import genboostedtreesops import numpy as np v= tf.Variable0.0, 0.0, 0.0, 0.0, 0.0...

CVSS 5.5 · AI score 5.8 · EPSS 0.00012
Exploits 0 · References 7 · Affected Software 3
OSV
added 2021/08/25 2:42 p.m. · 0 views

GHSA-VMJW-C2VP-P33C Crash in NMS ops caused by integer conversion to unsigned

Impact An attacker can cause denial of service in applications serving models using tf.rawops.NonMaxSuppressionV5 by triggering a division by 0: python import tensorflow as tf tf.rawops.NonMaxSuppressionV5 boxes=0.1,0.1,0.1,0.1,0.2,0.2,0.2,0.2,0.3,0.3,0.3,0.3, scores=1.0,2.0,3.0, maxoutputsize=-1...

CVSS 6.8 · AI score 5.9 · EPSS 0.00032
Exploits 0 · References 8
GitHub Security Blog
added 2021/08/25 2:42 p.m. · 26 views

Crash in NMS ops caused by integer conversion to unsigned

Impact An attacker can cause denial of service in applications serving models using tf.rawops.NonMaxSuppressionV5 by triggering a division by 0: python import tensorflow as tf tf.rawops.NonMaxSuppressionV5 boxes=0.1,0.1,0.1,0.1,0.2,0.2,0.2,0.2,0.3,0.3,0.3,0.3, scores=1.0,2.0,3.0, maxoutputsize=-1...

CVSS 5.5 · AI score 5.8 · EPSS 0.00032
Exploits 0 · References 8 · Affected Software 3
Cvelist
added 2021/08/12 10:55 p.m. · 17 views

CVE-2021-37669 Crash in NMS ops caused by integer conversion to unsigned in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using tf.rawops.NonMaxSuppressionV5 by triggering a division by 0. The implementation uses a user controlled argument to resize a...

CVSS 5.5 · AI score 6 · EPSS 0.00032
Exploits 0 · References 3