1085 matches found
Google TensorFlow 数字错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow versions prior to 2.7.0 suffer from a numeric error vulnerability that stems from the fact that TensorFlow's ParallelConcat loses some input validation and produces a divide by...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2021:3616-1 Rating: moderate References: 1179898 1179899 1179900 1179901 1179902 1179903 1180451 1180454 1180461 1181452 1182252 1183511 1184620 1184794 PM-2767 SLE-18637 SLE-19618 SLE-21561 Cross-References:...
Backdoor.Win32.Antilam.14.o Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2914f01e65d848655d4f1aac51ff04d1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.o Vulnerability: Unauthenticated Remote Command Execution Description: The...
systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits. When the usernames are used by systemd, for example in service units, an unexpected user may be used instead. In some particular configurations, this flaw...
Zephyr Number Error Vulnerability
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a numeric error vulnerability that stems from the reorganization header removal of Zephyr's integer downstream fragment in IEEE 802154. No detailed vulnerability details are provided at this time...
Zephyr 数字错误漏洞
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a numeric error vulnerability that stems from the reorganization header removal of Zephyr's integer downstream fragment in IEEE 802154. No detailed vulnerability details are provided at this time...
The vulnerability of TCP/IP NicheLite and InterNiche, related to comparing numerical ranges without minimal checks, allows attackers to cause service failures.
The vulnerability of TCP/IP NicheLite and InterNiche relates to the comparison of numerical ranges without any minimal checks during HTTP requests processing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Information disclosure
Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2021-1904
CVE-2021-1904 is an information-disclosure issue arising in Qualcomm Snapdragon components where a child process may leak information from its parent due to numeric PIDs being compared and potentially reused. The CVE entry references Snapdragon Auto/Compute/Connectivity/Consumer IoT/Industrial Io...
Docker < 1.11.2 Privilege Escalation Vulnerability
Docker is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
CVE-2021-37650
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...
CVE-2021-37650 Segfault and heap buffer overflow in `{Experimental,}DatasetToTFRecord` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...
Google TensorFlow数字错误漏洞
Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in Google TensorFlow. A local attacker could exploit this vulnerability to cause a denial of service condition...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
libfetch 缓冲区错误漏洞
libfetch is a browser extension that makes it easier to access the content of electronic resources subscribed to by the NIE Library. A buffer error vulnerability exists in libfetch that stems from incorrectly handling strings of numbers for the FTP and HTTP protocols. the FTP passive mode...
PT-2021-21147 · Libfetch +2 · Libfetch +2
Name of the Vulnerable Software and Affected Versions: libfetch versions prior to 2021-07-26 Description: The issue concerns the mishandling of numeric strings for the FTP and HTTP protocols. Specifically, the FTP passive mode implementation allows an out-of-bounds read due to the use of strtol t...
Qualcomm 芯片数字错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A numeric error vulnerability exists in Qualcomm chips, please...
Qualcomm 芯片数字错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A numeric error vulnerability exists in Qualcomm chips, please...