Lucene search
K

102 matches found

Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.4 views

PT-2022-15072 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is...

6.5CVSS6.2AI score0.00765EPSS
Exploits1References14
CVE
CVE
added 2022/02/01 12:0 a.m.87 views

CVE-2022-24196

CVE-2022-24196 affects iText Java PDF library versions up to (but not including) 7.1.18 and 7.2.2, with the root cause in the readStreamBytesRaw component. This creates an out-of-memory condition that can be exploited by a crafted PDF to cause a Denial of Service. Public sources identify vulnerab...

6.5CVSS6.2AI score0.01612EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/01/19 1:15 a.m.18 views

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. In a scenario where Public Key Infrastructure PKI is used in combination with...

5CVSS7.5AI score0.00588EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/01/14 8:15 p.m.26 views

Design/Logic Flaw

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...

4.3CVSS5.5AI score0.00779EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/14 12:0 a.m.25 views

CVE-2021-45762

GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gfsgvrmlmfreset. This vulnerability allows attackers to cause a Denial of Service DoS...

6.6AI score0.00718EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/01/13 12:0 a.m.23 views

CVE-2021-45760

GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gflistlast. This vulnerability allows attackers to cause a Denial of Service DoS...

6.6AI score0.0081EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/08/20 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:2803-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.2AI score0.0049EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2021/08/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2021:2766-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.2AI score0.0049EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2021/08/07 12:0 a.m.13 views

openSUSE: Security Advisory for spice-vdagent (openSUSE-SU-2021:2614-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.4CVSS6.4AI score0.0049EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/08/06 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2021:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.6AI score0.0049EPSS
Exploits4References2
OSV
OSV
added 2021/08/05 8:19 a.m.8 views

SUSE-SU-2021:2614-1 Security update for spice-vdagent

This update for spice-vdagent fixes the following issues: - Update to version 0.21.0 - CVE-2020-25650: memory DoS via arbitrary entries in activexfers hash table bsc1177780 - CVE-2020-25651: possible file transfer DoS and information leak via activexfers hash map bsc1177781 - CVE-2020-25652:...

6.4CVSS6.2AI score0.0049EPSS
Exploits4References10
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/05 12:0 a.m.91 views

Security update for spice-vdagent (important)

openSUSE Security Update: Security update for spice-vdagent Announcement ID: openSUSE-SU-2021:2614-1 Rating: important References: 1173749 1177780 1177781 1177782 1177783 Cross-References: CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 CVSS scores: CVE-2020-25650 NVD : 5.5...

8.8CVSS7.1AI score0.0049EPSS
Exploits4References5
OSV
OSV
added 2021/07/21 6:15 p.m.16 views

CVE-2020-19499

An issue was discovered in heif::Boxiref::getreferences in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read...

8.8CVSS7.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.26 views

CentOS 8 : spice-vdagent (CESA-2021:1791)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1791 advisory. - spice-vdagent: memory DoS via arbitrary entries in activexfers hash table CVE-2020-25650 - spice-vdagent: possible file transfer DoS and information...

6.4CVSS6.2AI score0.0049EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.36 views

RHEL 8 : spice-vdagent (RHSA-2021:1791)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1791 advisory. The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information...

6.4CVSS6.3AI score0.0049EPSS
Exploits4References14
OSV
OSV
added 2021/05/18 6:5 a.m.28 views

RLSA-2021:1791 Moderate: spice-vdagent security and bug fix update

The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...

6.4CVSS6.4AI score0.0049EPSS
Exploits4References7
OSV
OSV
added 2021/05/18 6:5 a.m.26 views

ALSA-2021:1791 Moderate: spice-vdagent security and bug fix update

The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...

6.4CVSS6.3AI score0.0049EPSS
Exploits4References4
Rockylinux
Rockylinux
added 2021/05/18 6:5 a.m.36 views

spice-vdagent security and bug fix update

An update is available for spice-vdagent. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The spice-vdagent packages provide a SPICE agent for Linux guests...

6.4CVSS6.3AI score0.0049EPSS
Exploits4
AlmaLinux
AlmaLinux
added 2021/05/18 6:5 a.m.43 views

Moderate: spice-vdagent security and bug fix update

The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fixes: spice-vdagent: possible file transfer DoS and information leak via activexfers hash map CVE-2020-25651 spice-vdagent: UNIX domain socket peer PID retrieved via SOPEERCRED is subject to race condition CVE-2020-25653...

6.4CVSS6.3AI score0.0049EPSS
Exploits4References4
Github Security Blog
Github Security Blog
added 2021/04/16 7:53 p.m.67 views

Sydent DoS (via resource exhaustion) due to improper input validation

Impact Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. Patches Fixed by 3175fd3. For more information If you have any questions or comments about this advisory,...

4.3CVSS4.6AI score0.00927EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder