Lucene search
+L

136 matches found

RedHat Linux
RedHat Linux
added 2024/11/26 12:55 a.m.7 views

kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs

A vulnerability was found in the Linux kernel's hwmon subsystem, specifically in the mlxreg-fan driver. The issue arises when the driver’s sysfs interface for controlling fan speed does not properly handle cases where the requested minimum fan speed exceeds the maximum allowable value. When the...

7.1CVSS6.7AI score0.00244EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/08/27 12:0 a.m.134 views

RHEL 8 : linux-firmware (RHSA-2024:5883)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5883 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel:...

7.5CVSS6.8AI score0.00622EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/28 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that there is no check to verify that the number of entries eh-ehentries is non-zero when depth 0...

5.5CVSS6.5AI score0.00235EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 11:18 a.m.22 views

BIT-TENSORFLOW-2021-29594 Division by zero in TFLite's convolution code

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution codehttps://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc has multiple division where the divisor is controlled by the user and not checked ...

7.8CVSS7.5AI score0.00201EPSS
Exploits1References3
OSV
OSV
added 2024/02/27 7:4 p.m.34 views

UBUNTU-CVE-2021-46969

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Fix invalid error returning in mhiqueue mhiqueue returns an error when the doorbell is not accessible in the current state. This can happen when the device is in non M0 state, like M3, and needs to be waken-up pri...

7.8CVSS5.7AI score0.00216EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2023/11/08 12:0 a.m.7 views

CVE-2022-29526

...

5.3CVSS7AI score0.02593EPSS
Exploits1
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.9 views

Reverts when a User claims Voting Power of address(0) where there exists some for address(0)

Lines of code Vulnerability details Impact There is no zero address check in the delegate function in ARCDVestingVault contract. This allows address0 to be able to accumulate VotingPower. Now when there is a some Voting Power for address0, any user can delegate themselves for address0 and claim...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/21 12:0 a.m.11 views

InterchainProposalExecutor doesn't support actions with value

Lines of code Vulnerability details Impact An interchain call consists of the target address, calldata, and value. When InterchainProposalExecutor performs the call, it passes the value along function executeProposalInterchainCalls.Call memory calls internal for uint256 i = 0; i calls.length; i++...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/06/20 12:0 a.m.21 views

M-10 Unmitigated

Lines of code Vulnerability details Mitigation of M-10: Issue NOT mitigated Mitigated issue M-10: First 1 wei deposit can produce lose of user xETH funds in wxETH Fix: code-423n4/2023-05-xeth@fbb2972 The issue is similar to the standard inflation attack, except that instead of the attacker's...

6.6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.6 views

SUSE CVE-2022-29526

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

6.2CVSS7.7AI score0.02593EPSS
Exploits1References8
CNVD
CNVD
added 2022/09/20 12:0 a.m.29 views

Google TensorFlow Denial of Service Vulnerability (CNVD-2023-10608)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A denial-of-service vulnerability exists in Google TensorFlow, which stems from the fact that FakeQuantWithMinMaxVars will fail to assert if it is given a tensor of non-zero rank min or max. An attacker...

7.5CVSS4.7AI score0.00398EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.55 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from a segmentation error that occurs if QuantizedAdd is given a tensor of non-zero rank mininput or maxinput. An attacke...

7.5CVSS6.6AI score0.00424EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.7 views

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A denial-of-service vulnerability exists in Google TensorFlow, which stems from the fact that FakeQuantWithMinMaxVars will fail to assert if it is given a tensor of non-zero rank min or max. An attacker...

7.5CVSS6.6AI score0.00398EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.7 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google Inc. in the United States. Google TensorFlow suffers from an input validation error vulnerability that stems from a segmentation error that can be used to trigger a denial-of-service attack if...

7.5CVSS7.3AI score0.00424EPSS
Exploits0References3
Veracode
Veracode
added 2022/08/11 5:17 a.m.24 views

Denial Of Service (DoS)

libtar.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to an out-of-bounds read in variable gnulongname when size in header struct is set to 0 allowing an attacker to crash the system via a maliciously crafted tar file...

8.1CVSS8.2AI score0.01133EPSS
Exploits0References11Affected Software2
Snyk
Snyk
added 2022/07/15 11:30 p.m.3 views

Incorrect Authorization

Overview std/syscall is a Go standard library package std/syscall Affected versions of this package are vulnerable to Incorrect Authorization. Go Vulnerability Report: When called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible. Remediation...

6.9CVSS9.2AI score0.02593EPSS
Exploits1References3
OSV
OSV
added 2022/06/23 5:15 p.m.8 views

AZL-43915 CVE-2022-29526 affecting package buildah 1.18.0-29

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 5:15 p.m.7 views

AZL-47178 CVE-2022-29526 affecting package golang for versions less than 1.22.7-2

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 5:15 p.m.10 views

AZL-38911 CVE-2022-29526 affecting package cni for versions less than 1.1.2-4

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 5:15 p.m.8 views

AZL-45294 CVE-2022-29526 affecting package containernetworking-plugins for versions less than 1.6.1-4

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
Rows per page
Query Builder