8 matches found
CVE-2026-35369
CVE-2026-35369 affects the kill utility in uutils coreutils. The root cause is an argument parsing error where kill -1 is treated as a request to send the default signal (SIGTERM) to PID -1, instead of recognizing -1 as a signal number. This can lead to the kernel terminating all processes visibl...
UBUNTU-CVE-2022-49186
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconticlkregistergates This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if clksi.rsid = 0 condition was always true. Th...
DEBIAN-CVE-2022-48934
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...
SUSE CVE-2019-11068
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. Google TensorFlow suffers from a buffer error vulnerability that stems from the fact that in the affected version, QuantizeV2's shape inference code could trigger a read...
PYSEC-2020-326
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...
CVE-2019-11068
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...
security flaw
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...