mdbtools 缓冲区错误漏洞

mdbtools is MDB Tools is a group of programs that help you extract data from Microsoft Access files under various settings. A security vulnerability exists in mdbtools 0.9.2 that stems from a stack-based buffer overflow in mdbnumerictostring called from mdbxferbounddata and mdbattemptbind...

mdbtools 缓冲区错误漏洞

mdbtools is MDB Tools is a group of programs that help you extract data from Microsoft Access files under various settings. A security vulnerability exists in MDB Tools aka mdbtools 0.9.2 that stems from a stack-based buffer overflow in mdbnumerictostring from mdbxferbounddata and mdbattemptbind...

CVE-2021-45926

MDB Tools aka mdbtools 0.9.2 has a stack-based buffer overflow at 0x7ffd0c689be0 in mdbnumerictostring called from mdbxferbounddata and mdbattemptbind...

PT-2021-24317 · Mdb Tools · Mdb Tools

Name of the Vulnerable Software and Affected Versions: MDB Tools aka mdbtools version 0.9.2 Description: The issue is a stack-based buffer overflow in the mdb numeric to string function, which is called from mdb xfer bound data and mdb attempt bind. This overflow occurs at the memory address...

PT-2021-24316 · Mdb Tools · Mdb Tools

Name of the Vulnerable Software and Affected Versions: MDB Tools aka mdbtools version 0.9.2 Description: The issue is a stack-based buffer overflow in the mdb numeric to string function, which is called from mdb xfer bound data and mdb attempt bind. This overflow occurs at the memory address...

Privilege Elevation in runc

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters.

...

Mitsubishi Electric FA Engineering Software 数字错误漏洞

Mitsubishi Electric FA engineering software is an engineering software from Mitsubishi Electric Japan. It provides improved efficiency in design and debugging, reduced downtime, and data protection. The Mitsubishi Electric FA engineering software suffers from a numeric error vulnerability that...

The vulnerability of the ANGLE library in Microsoft Edge and Google Chrome browsers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the ANGLE library in Microsoft Edge and Google Chrome is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by sending a specially crafted request...

Google Chrome 数字错误漏洞

Google Chrome is a web browser from Google, Inc. A numeric error vulnerability exists in Google Chrome that stems from an integer underflow in the ANGLE module...

CVE-2021-42122

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s attributes with numeric format allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format, which makes the...

Input validation

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s attributes with numeric format allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format, which make...

Google TensorFlow Numeric Error Vulnerability (CNVD-2022-09877)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a numeric error vulnerability that stems from TensorFlow's implementation of pooling operations in which values in a sliding window are not rigorously checked for...

Exploit for Incorrect Conversion between Numeric Types in Linux Linux_Kernel

CVE-2020-27194 my exp for CVE-2020-27194, tested on linux kernel 5.8.14. More details : https://ama2in9.top/2020/12/14/CVE-2020-27194/ reference CVE-2020-8835 pwn2own 2020 ebpf 提权漏洞分析 CVE-2020-8835 pwn2own 2020 ebpf 通过任意读写提权分析...

Google TensorFlow numeric error vulnerability (CNVD-2021-88715)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A numeric error vulnerability exists in versions of Google TensorFlow prior to 2.7.0, which stems from the fact that AllToAll in TensorFlow performs division by zero when inferring code. No details of t...

Google TensorFlow Numeric Error Vulnerability (CNVD-2021-88254)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow versions prior to 2.7.0 suffer from a numeric error vulnerability that stems from the fact that TensorFlow's ParallelConcat loses some input validation and produces a divide by...

Google TensorFlow Numeric Error Vulnerability (CNVD-2021-88253)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A numeric error vulnerability exists in Google TensorFlow versions prior to 2.7.0, which stems from the implementation of the convolution operator triggering division by 0 when TensorFlow is...

Google TensorFlow 数字错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a numeric error vulnerability that stems from TensorFlow's implementation of pooling operations in which values in a sliding window are not rigorously checked for...

Google TensorFlow 数字错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A numeric error vulnerability exists in versions of Google TensorFlow prior to 2.7.0, which stems from the fact that AllToAll in TensorFlow performs division by zero when inferring code. No details of t...

Google TensorFlow 数字错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A numeric error vulnerability exists in Google TensorFlow versions prior to 2.7.0, which stems from the implementation of the convolution operator triggering division by 0 when TensorFlow is...