Lucene search
K

1898 matches found

OSV
OSV
added 2022/06/20 8:9 p.m.11 views

MAL-2022-122 Malicious code in @bitmex-frontend-team/segment-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3be52fff1327aa2cd3337a927eff4fcf771e6042a6284a1efe3e8032c4012019 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:9 p.m.4 views

Malicious code in @bitmex-frontend-team/segment-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3be52fff1327aa2cd3337a927eff4fcf771e6042a6284a1efe3e8032c4012019 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/19 6:15 a.m.4 views

UBUNTU-CVE-2014-125019

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodenalunit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix thi...

5.5CVSS5AI score0.00645EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/06/19 6:10 a.m.21 views

CVE-2014-125019 FFmpeg Slice Segment decode_nal_unit memory corruption

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodenalunit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix thi...

5.3CVSS5.4AI score0.00645EPSS
Exploits0References2
OSV
OSV
added 2022/05/24 10:12 p.m.8 views

GHSA-HX9Q-2MX4-M4PG Missing validation causes denial of service via `Conv3DBackpropFilterV2`

Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.strings.unsortedsegmentjoin inputs='123', segmentids=0, numsegments=-1...

5.5CVSS5.8AI score0.00346EPSS
Exploits1References11
OSV
OSV
added 2022/05/24 10:8 p.m.3 views

GHSA-HRG5-737C-2P56 Missing validation causes denial of service via `UnsortedSegmentJoin`

Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.UnsortedSegmentJoin inputs=tf.constant"this", shape=12,...

5.5CVSS6AI score0.00317EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2022/05/20 10:40 p.m.2 views

CVE-2022-29204

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...

5.5CVSS7AI score0.00346EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.3 views

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from an application calling a tf .compat.v1. operation. An attacker could exploit this...

5.5CVSS5.6AI score0.00317EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.3 views

PT-2022-19449

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description The implementation of tf.raw ops.UnsortedSegmentJoin does not fully validate the input...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References17
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.20 views

Microsoft Visual Studio 输入验证错误漏洞

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio that originates when a...

7.8CVSS8.9AI score0.0266EPSS
Exploits0References6
CNVD
CNVD
added 2022/04/20 12:0 a.m.12 views

Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-36955)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components. MySQL Connectors is one of the drivers for connecting to applications that use MySQL. Oracle MySQL is vulnerable to an input validation error. The...

6.3CVSS4.1AI score0.78666EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/20 12:0 a.m.12 views

Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-31689)

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components.MySQL Connectors is one of the drivers for connecting applications that use MySQL. An input validation error vulnerability exists in Oracle MySQL for...

6.3CVSS5.7AI score0.02959EPSS
Exploits0References1
Prion
Prion
added 2022/04/19 9:15 p.m.22 views

Design/Logic Flaw

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

4CVSS5.9AI score0.78666EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/19 8:38 p.m.30 views

CVE-2022-21486

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

2.9CVSS2.5AI score0.01625EPSS
Exploits0References2
OSV
OSV
added 2022/04/19 8:38 p.m.30 views

CVE-2022-21483

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

6.3CVSS5.7AI score0.02959EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/04/19 8:38 p.m.36 views

CVE-2022-21482

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...

6.3CVSS6AI score0.03079EPSS
Exploits0References2
OSV
OSV
added 2022/04/19 12:0 a.m.2 views

OSV-2022-359 Heap-use-after-free in Segment::write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46788 Crash type: Heap-use-after-free READ 1 Crash state: Segment::write Doublewrite::writepages Doublewrite::flushtodisk...

7.2AI score
Exploits0References1
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.6 views

Oracle MySQL 缓冲区错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and MySQL Connectors is one of the drivers that connects to applications that use MySQL. The vulnerability allows a highly privileged attacker to...

2.9CVSS7.4AI score0.0175EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/04/15 12:0 a.m.6 views

The vulnerability of the gc_data_segment function (fs/f2fs/gc.c) in the Linux operating system kernel allows a hacker to trigger a service failure.

The vulnerability of the gcdatasegment function fs/f2fs/gc.c in the Linux operating system kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.01234EPSS
Exploits1References32Affected Software4
ATTACKERKB
ATTACKERKB
added 2022/04/13 11:0 p.m.5 views

CVE-2022-20678

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could...

8.6CVSS6.7AI score0.00924EPSS
Exploits0References2
Rows per page
Query Builder