PYSEC-2021-212

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

PYSEC-2021-212

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

CVE-2021-29575

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

PT-2021-18326 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The implementation of tf.raw...

AZL-7292 CVE-2021-32055 affecting package mutt for versions less than 2.0.5-4

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

DEBIAN-CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

PT-2021-4065 · Neomutt +4 · Neomutt +4

Name of the Vulnerable Software and Affected Versions: Mutt versions 1.11.0 through 2.0.x before 2.0.7 NeoMutt versions 2019-10-25 through 2021-05-04 Description: The issue is related to incorrect handling of an IMAP sequence set that ends with a comma in the imap/util.c component of Mutt and...

DEBIAN-CVE-2020-23915

An issue was discovered in cpp-peglib through v0.1.12. peg::resolveescapesequence in peglib.h has a heap-based buffer over-read...

UBUNTU-CVE-2020-23915

An issue was discovered in cpp-peglib through v0.1.12. peg::resolveescapesequence in peglib.h has a heap-based buffer over-read...

CVE-2020-23915

An issue was discovered in cpp-peglib through v0.1.12. peg::resolveescapesequence in peglib.h has a heap-based buffer over-read...

PT-2021-10984 · Unknown +1 · Cpp-Peglib +1

Name of the Vulnerable Software and Affected Versions: cpp-peglib versions prior to 0.1.13 Description: An issue was discovered in the peg::resolve escape sequence function, located in peglib.h, which has a heap-based buffer over-read. Recommendations: For versions prior to 0.1.13, update to...

cpp-peglib 缓冲区错误漏洞

yhirose cpp-peglib is a yhirose open source application. A header-only PEG Parsed Expression Grammar library. A security vulnerability exists in cpp-peglib version v0.1.12 and earlier, which stems from peg::resolve escape sequence in peglib.h having a heap-based buffer over-read...

Out-of-bounds Read

A heap-based buffer over-read was discovered in cpp-peglib's peg::resolveescapesequence in peglib.h...

Denial of service

A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1...

PT-2021-4101 · Unknown +1 · Bitcoin Core +1

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.12.0 through 0.21.1 Description: The issue is related to the incorrect replacement of a child transaction in the Bitcoin Core implementation, specifically in the PreChecks functionality. This can be exploited by a remo...

CVE-2020-25241

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions...

More on the Chinese Zero-Day Microsoft Exchange Hack

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. The attacker was first detected by one group on Jan. 5 and another on Jan. 6, and Microsoft acknowledg...

The vulnerability in the implementation of the ISN generator of the protocol stack used in Contiki OS and uIP allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ISN generator implementation used in the Contiki OS and uIP is related to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the implementation of the ISN generator for the PicoTCP protocol stack allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ISN generator implementation in the PicoTCP protocol stack is related to the use of insufficiently random values. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...