1898 matches found
MAL-2022-122 Malicious code in @bitmex-frontend-team/segment-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3be52fff1327aa2cd3337a927eff4fcf771e6042a6284a1efe3e8032c4012019 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @bitmex-frontend-team/segment-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3be52fff1327aa2cd3337a927eff4fcf771e6042a6284a1efe3e8032c4012019 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
UBUNTU-CVE-2014-125019
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodenalunit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix thi...
CVE-2014-125019 FFmpeg Slice Segment decode_nal_unit memory corruption
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodenalunit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix thi...
GHSA-HX9Q-2MX4-M4PG Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.strings.unsortedsegmentjoin inputs='123', segmentids=0, numsegments=-1...
GHSA-HRG5-737C-2P56 Missing validation causes denial of service via `UnsortedSegmentJoin`
Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.UnsortedSegmentJoin inputs=tf.constant"this", shape=12,...
CVE-2022-29204
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
Google TensorFlow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from an application calling a tf .compat.v1. operation. An attacker could exploit this...
PT-2022-19449
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description The implementation of tf.raw ops.UnsortedSegmentJoin does not fully validate the input...
Microsoft Visual Studio 输入验证错误漏洞
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio that originates when a...
Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-36955)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components. MySQL Connectors is one of the drivers for connecting to applications that use MySQL. Oracle MySQL is vulnerable to an input validation error. The...
Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-31689)
Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components.MySQL Connectors is one of the drivers for connecting applications that use MySQL. An input validation error vulnerability exists in Oracle MySQL for...
Design/Logic Flaw
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
CVE-2022-21486
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
CVE-2022-21483
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
CVE-2022-21482
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...
OSV-2022-359 Heap-use-after-free in Segment::write
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46788 Crash type: Heap-use-after-free READ 1 Crash state: Segment::write Doublewrite::writepages Doublewrite::flushtodisk...
Oracle MySQL 缓冲区错误漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and MySQL Connectors is one of the drivers that connects to applications that use MySQL. The vulnerability allows a highly privileged attacker to...
The vulnerability of the gc_data_segment function (fs/f2fs/gc.c) in the Linux operating system kernel allows a hacker to trigger a service failure.
The vulnerability of the gcdatasegment function fs/f2fs/gc.c in the Linux operating system kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2022-20678
A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could...