The vulnerability of the IncrementOffset() function in the TensorFlow machine learning system, which allows a hacker to trigger a service failure.

The vulnerability of the IncrementOffset function in the TensorFlow machine learning system is related to the violation of the buffer’s initial boundary when processing the sizeofchunk value. Exploiting this vulnerability can allow an attacker to trigger a service failure...

Potential DoS in unbounded for loop

Lines of code Vulnerability details Proof of Concept The function facets in Getters.sol iterates over the DiamondStorage facets array. In Diamond.sol we can see that by calling diamondCut in a way that saveFacetIfNew gets called, the diamond owner can add an indefinite amount of entries. If this ...

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

CVE-2022-33193

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

Command injection

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

USN-5695-1 linux-gcp vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

CLSA-2022-1666283812 Fixed CVE-2022-1012 in kernel

secureseq: use the 64 bits of the siphash for port offset calculation CVE-2022-1012...

CLSA-2022-1666277963 Fixed CVE-2022-1012 in kernel

secureseq: use the 64 bits of the siphash for port offset calculation CVE-2022-1012...

DEBIAN-CVE-2022-43043

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...

UBUNTU-CVE-2022-43043

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...

Memory corruption

Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto...

GPAC 安全漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.1-DEV-rev368-gfd054169b-master, which stems from a function BDCheckSFTimeOffset in /bifs/fielddecode.c that contains a segmentation violation...

Qualcomm Automotive Multimedia 缓冲区错误漏洞

Qualcomm Automotive Multimedia is a support firmware for automotive multimedia from Qualcomm. A security vulnerability exists in Qualcomm Automotive Multimedia that originates from an out-of-range pointer offset that results in memory corruption...

CVE-2022-33210

Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto...

DEBIAN-CVE-2022-35051

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b55af...

Siemens LOGO! 8 BM input validation error vulnerability

A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for the Windows platform used in industrial environments from Siemens, Germany. The vulnerability stems from the inability to properly validate offset values defined in TCP packets when calling methods. An attacker coul...

CVE-2022-36363

A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA1 All versions, LOGO! 12/24RCEo 6ED1052-2MD08-0BA1 All versions, LOGO! 230RCE 6ED1052-1FB08-0BA1 All versions, LOGO! 230RCEo 6ED1052-2FB08-0BA1 All versions, LOGO! 24CE 6ED1052-1CC08-0BA1 All versions, LOGO! 24CEo...

Design/Logic Flaw

A vulnerability has been identified in LOGO! 12/24RCE All versions, LOGO! 12/24RCEo All versions, LOGO! 230RCE All versions, LOGO! 230RCEo All versions, LOGO! 24CE All versions, LOGO! 24CEo All versions, LOGO! 24RCE All versions, LOGO! 24RCEo All versions, SIPLUS LOGO! 12/24RCE All versions, SIPL...

PT-2022-7653 · Siemens · Logo! 230Rce +6

Name of the Vulnerable Software and Affected Versions: LOGO! 12/24RCE versions 6ED1052-1MD08-0BA1 LOGO! 12/24RCEo versions 6ED1052-2MD08-0BA1 LOGO! 230RCE versions 6ED1052-1FB08-0BA1 LOGO! 230RCEo versions 6ED1052-2FB08-0BA1 LOGO! 24CE versions 6ED1052-1CC08-0BA1 LOGO! 24CEo versions...

Siemens LOGO! 8 BM 输入验证错误漏洞

A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for the Windows platform used in industrial environments from Siemens, Germany. The vulnerability stems from the inability to properly validate offset values defined in TCP packets when calling methods. An attacker coul...