CVE-2026-43145

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix invalid loaded resource table detection imxrprocelffindloadedrsctable may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a...

SUSE-SU-2026:1461-1 Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: - CVE-2025-11143: Fixed different parsing of invalid URIs bsc1259242...

UBUNTU-CVE-2023-53814

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks see /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak unreferenced object 0xc3a34e00 size 64: comm...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check resource validity, which could result in a null pointer dereference...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 126, which stems from the presence of an iframe with an incorrectly formatted URI, resulting in an unexploitable browser crash...

CVE-2024-47687 vdpa/mlx5: Fix invalid mr resource destroy

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5vdpadevadd can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5vdpadestroymrresources ...

GHSA-CJ7V-27PG-WF7Q Jetty invalid URI parsing may produce invalid HttpURI.authority

Description URI use within Jetty's HttpURI class can parse invalid URIs such as http://localhost;/path as having an authority with a host of localhost;. A URIs of the type http://localhost;/path should be interpreted to be either invalid or as localhost; to be the userinfo and no host. However,...

GHSA-5WPJ-C6F7-24X8 Undefined behavior when users supply invalid resource handles

Impact Multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid: python import tensorflow as tf tf.rawops.QueueIsClosedV2handle= python import tensorflow as tf tf.summary.flushwriter= In graph mode, it would have been impossible to perform these...

Google TensorFlow has an unspecified vulnerability

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from an invalid resource handle provided to the application when , multiple tensorflow...

PT-2022-19459 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: Multiple TensorFlow operations misbehave in eager mode when the resource handle provided ...

Google TensorFlow安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from an invalid resource handle provided to the application when , multiple tensorflow...

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits including primarily semiconductor devices, but also passive components, etc. and from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcomm...

Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8574/info Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value for the PAGE parameter to the...

DEBIAN-CVE-2008-3533

Format string vulnerability in the windowerror function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within 1 man or 2 ghelp URI...

UBUNTU-CVE-2007-0255

XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a certain M3U file that contains a long EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017...

Escapade 0.2.1 Beta Scripting Engine - PAGE Full Path Disclosure

Escapade 0.2.1 Beta Scripting Engine - PAGE Full Path Disclosure source: https://www.securityfocus.com/bid/8574/info Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value fo...