102 matches found
PT-2022-15072 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is...
CVE-2022-24196
CVE-2022-24196 affects iText Java PDF library versions up to (but not including) 7.1.18 and 7.2.2, with the root cause in the readStreamBytesRaw component. This creates an out-of-memory condition that can be exploited by a crafted PDF to cause a Denial of Service. Public sources identify vulnerab...
Design/Logic Flaw
A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. In a scenario where Public Key Infrastructure PKI is used in combination with...
Design/Logic Flaw
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...
CVE-2021-45762
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gfsgvrmlmfreset. This vulnerability allows attackers to cause a Denial of Service DoS...
CVE-2021-45760
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gflistlast. This vulnerability allows attackers to cause a Denial of Service DoS...
SUSE: Security Advisory (SUSE-SU-2021:2803-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2766-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for spice-vdagent (openSUSE-SU-2021:2614-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:2614-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:2614-1 Security update for spice-vdagent
This update for spice-vdagent fixes the following issues: - Update to version 0.21.0 - CVE-2020-25650: memory DoS via arbitrary entries in activexfers hash table bsc1177780 - CVE-2020-25651: possible file transfer DoS and information leak via activexfers hash map bsc1177781 - CVE-2020-25652:...
Security update for spice-vdagent (important)
openSUSE Security Update: Security update for spice-vdagent Announcement ID: openSUSE-SU-2021:2614-1 Rating: important References: 1173749 1177780 1177781 1177782 1177783 Cross-References: CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 CVSS scores: CVE-2020-25650 NVD : 5.5...
CVE-2020-19499
An issue was discovered in heif::Boxiref::getreferences in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read...
CentOS 8 : spice-vdagent (CESA-2021:1791)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1791 advisory. - spice-vdagent: memory DoS via arbitrary entries in activexfers hash table CVE-2020-25650 - spice-vdagent: possible file transfer DoS and information...
RHEL 8 : spice-vdagent (RHSA-2021:1791)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1791 advisory. The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information...
RLSA-2021:1791 Moderate: spice-vdagent security and bug fix update
The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...
ALSA-2021:1791 Moderate: spice-vdagent security and bug fix update
The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...
spice-vdagent security and bug fix update
An update is available for spice-vdagent. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The spice-vdagent packages provide a SPICE agent for Linux guests...
Moderate: spice-vdagent security and bug fix update
The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...
Sydent DoS (via resource exhaustion) due to improper input validation
Impact Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. Patches Fixed by 3175fd3. For more information If you have any questions or comments about this advisory,...