
430 matches found

Prion
added 2021/11/05 9:15 p.m., 21 views

Heap overflow

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...

CVSS 3.6 | AI score 6.7 | EPSS 0.00201
Exploits: 1 | References: 2 | Affected Software: 1

RedHat Linux
added 2021/10/20 9:58 a.m., 6 views

Moderate: Red Hat Enhancement Advisory: OpenShift Sandboxed Containers 1.1.0 update

An update to OpenShift sandboxed containers 1.1.0 is now available. OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional optional runtime. This advisory contains an update for OpenShift sandboxed...

CVSS 6.5 | AI score 6.6 | EPSS 0.07032
Exploits: 1

OSV
added 2021/10/12 4:35 p.m., 36 views

GHSA-FJ58-H2FR-3PP2 SQL Injection and Cross-site Scripting in class-validator

In TypeStack class-validator, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented a...

CVSS 9.8 | AI score 9.5 | EPSS 0.01987
Exploits: 1 | References: 7

OSV
added 2021/09/29 2:31 p.m., 6 views

SUSE-SU-2021:3256-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries (bsc#1189748). - Fixed build with llvm12 on s390x (bsc#1185952). - Re-enabled icu for PostgreSQL 10 (bsc#1179945). - Made the dependency of postgresqlXX-server-devel on llvm and clang...

CVSS 6.5 | AI score 7.1 | EPSS 0.01425
Exploits: 0 | References: 6

OSV
added 2021/09/16 5:43 p.m., 5 views

SUSE-SU-2021:3119-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries (bsc#1189748). - Fixed build with llvm12 on s390x (bsc#1185952). - Re-enabled icu for PostgreSQL 10 (bsc#1179945). - Made the dependency of postgresqlXX-server-devel on llvm and clang...

CVSS 6.5 | AI score 7.1 | EPSS 0.01425
Exploits: 0 | References: 6

OSV
added 2021/08/19 10:15 p.m., 2 views

CVE-2020-18900

A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub...

CVSS 3.3 | AI score 6
Exploits: 0 | References: 1

OSV
added 2021/08/19 10:15 p.m., 1 view

UBUNTU-CVE-2020-18900

DISPUTED: A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub...

CVSS 3.3 | AI score 6.1 | EPSS 0.0032
Exploits: 1 | References: 3

RedhatCVE
added 2021/07/06 5:15 p.m., 70 views

CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block...

CVSS 3.3 | AI score 3.2 | EPSS 0.00453
Exploits: 1 | References: 3

UbuntuCve
added 2021/07/01 3:15 a.m., 39 views

CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block...

CVSS 3.3 | AI score 6.9 | EPSS 0.00453
Exploits: 1 | References: 3

OSV
added 2021/07/01 3:15 a.m., 1 view

UBUNTU-CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block...

CVSS 3.3 | AI score 6.9 | EPSS 0.00453
Exploits: 1 | References: 4

Debian CVE
added 2021/07/01 2:49 a.m., 32 views

CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block...

CVSS 3.3 | AI score 4.9 | EPSS 0.00453
Exploits: 1

Citrix
added 2021/05/13 12:0 a.m., 5 views

Deploying Enterprise Apps on AE | Console message: Cannot Be Required App

When an Enterprise application is uploaded to the Google Play Store using the Android Enterprise method, we are prompted to make this app Optional only. Console message: Cannot Be Required App is an Enterprise app and cannot be deployed as a required app for Android Enterprise. It can be included ...

AI score 7
Exploits: 0

RedHat Linux
added 2021/03/31 12:59 p.m., 1 view

lldp/openvswitch: denial of service via externally triggered memory leak

A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 5.7 | EPSS 0.03235
Exploits: 0 | References: 5

Tenable Nessus
added 2021/03/10 12:0 a.m., 33 views

EulerOS Virtualization 3.0.2.6 : perl-DBD-MySQL (EulerOS-SA-2021-1447)

According to the versions of the perl-DBD-MySQL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of...

CVSS 9.8 | AI score 6.7 | EPSS 0.07083
Exploits: 1 | References: 5

Cvelist
added 2021/03/09 4:15 p.m., 15 views

CVE-2020-8356

An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture (FFDC) service log. The FFDC...

CVSS 4.9 | AI score 5.1 | EPSS 0.00542
Exploits: 0 | References: 1

OSV
added 2021/02/11 10:15 a.m., 3 views

CVE-2021-20335

For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions prior to and including 4.4.12 triggers a bug where Automation thinks SSL is being turned off, and c...

CVSS 4.6 | AI score 5.8 | EPSS 0.00139
Exploits: 0 | References: 1

OSV
added 2021/02/11 10:15 a.m., 1 view

UBUNTU-CVE-2021-20335

For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions prior to and including 4.4.12 triggers a bug where Automation thinks SSL is being turned off, and c...

CVSS 6.7 | AI score 5.8 | EPSS 0.00139
Exploits: 0 | References: 3

Positive Technologies
added 2021/01/01 12:0 a.m., 2 views

PT-2026-22248

Name of the Vulnerable Software and Affected Versions Net::CIDR versions prior to 0.24 Description The software mishandles leading zeros in IP CIDR addresses, potentially leading to an unspecified impact. The addr2cidr and cidrlookup functions can return leading zeros within a CIDR string, which...

CVSS 6.5 | AI score 5.8 | EPSS 0.00322
Exploits: 0 | References: 19

Microsoft KB
added 2020/12/04 12:0 a.m., 4 views

June 18, 2020—KB4567523 (OS Build 19041.331)

June 18, 2020—KB4567523 OS Build 19041.331 IMPORTANT We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges, we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional...

AI score 7
Exploits: 0

Veracode
added 2020/09/28 6:9 a.m., 19 views

Heap Buffer Overflow

tensorflow is vulnerable to heap buffer overflow. Failure to ensure that only operators which accept optional inputs use the -1 special value and only for the tensors that they expect to be optional allows an attacker to write and read from outside the bounds of heap allocated arrays...

CVSS 4.8 | AI score 3.9 | EPSS 0.00905
Exploits: 1 | References: 10 | Affected Software: 3