Lucene search
K

108 matches found

Vulnrichment
Vulnrichment
added 2025/01/06 3:17 a.m.10 views

CVE-2024-20150

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018...

7AI score0.00744EPSS
Exploits0References1
CVE
CVE
added 2025/01/06 3:17 a.m.62 views

CVE-2024-20149

CVE-2024-20149 affects the Modem component, with an input validation flaw that can cause a remote denial of service (no privileges, no user interaction needed). The vulnerability is associated with a network-based attack vector and a high impact on availability (CVSS 3.1 base score 7.5). Affected...

7.5CVSS7.2AI score0.0071EPSS
Exploits0References1Affected Software6
CVE
CVE
added 2024/07/01 3:18 a.m.107 views

CVE-2024-20077

CVE-2024-20077 affects MediaTek Modem. The issue is due to incorrect error handling in the Modem, which can cause a remote system crash and denial of service without requiring privileges or user interaction. Exploitation would use a network vector (AV:N, AC:L, PR:N, UI:N) and could impact availab...

7.5CVSS7AI score0.00744EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.6 views

PT-2024-28309 · Rjrodger · Jsonic-Next

Name of the Vulnerable Software and Affected Versions: rjrodger jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties, leveraging a prototype pollution vulnerability in the empty function...

9.8CVSS7.5AI score0.00876EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.3 views

PT-2024-1924

Name of the Vulnerable Software and Affected Versions QEMU versions 7.1.0 through 8.2.1 Description The issue is related to a buffer overflow in the register vfs function in hw/pci/pcie sriov.c of the QEMU hardware emulator. This occurs when a guest writes NumVFs greater than TotalVFs, leading to...

8.8CVSS7.6AI score0.01405EPSS
Exploits3References127
Prion
Prion
added 2023/09/04 3:15 a.m.29 views

Out-of-bounds

In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108...

1.3CVSS4.4AI score0.00088EPSS
Exploits0References1Affected Software4
Positive Technologies
Positive Technologies
added 2023/03/30 12:0 a.m.2 views

PT-2023-4757

Name of the Vulnerable Software and Affected Versions angular versions 1.0.0 and later Description The issue is related to the $resource service in angular, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service ReDoS when a large, carefully-crafted inp...

5.3CVSS7.2AI score0.01695EPSS
Exploits2References35
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.0 views

PT-2022-5611

Name of the Vulnerable Software and Affected Versions LibTIFF affected versions not specified Description A critical issue was found in LibTIFF, affecting the TIFFReadRGBATileExt function in the libtiff/tif getimage.c file. This issue is related to an integer overflow and can be exploited remotel...

10CVSS6.9AI score0.04204EPSS
Exploits55References330
Positive Technologies
Positive Technologies
added 2022/10/17 12:0 a.m.6 views

PT-2022-21872 · Hiwin · Hiwin Robot System

Name of the Vulnerable Software and Affected Versions: HIWIN Robot System Software version 3.3.21.9869 Description: The issue arises from the software's failure to properly address the terminated command source. This allows an attacker to craft code that can disconnect the HIWIN Robot System...

7.5CVSS7.5AI score0.00704EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/10/11 12:0 a.m.8 views

CVE-2022-39271 Traefik HTTP/2 connections management could cause a denial of service

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure...

7.5CVSS7.3AI score0.01016EPSS
Exploits0References3
NVD
NVD
added 2022/09/16 11:15 p.m.38 views

CVE-2022-35993

TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

7.5CVSS0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 10:0 p.m.9 views

CVE-2022-35990 `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient` in TensorFlow

TensorFlow is an open source platform for machine learning. When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...

5.9CVSS7.5AI score0.00383EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 9:40 p.m.6 views

CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

5.9CVSS7.5AI score0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 9:40 p.m.5 views

CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

5.9CVSS7.4AI score0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 9:15 p.m.4 views

CVE-2022-35981 `CHECK` fail in `FractionalMaxPoolGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. FractionalMaxPoolGrad validates its inputs with CHECK failures instead of with returning errors. If it gets incorrectly sized inputs, the CHECK failure can be used to trigger a denial of service attack. We have patched the issue in GitHu...

5.9CVSS7.4AI score0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 9:0 p.m.7 views

CVE-2022-35973 Segfault in `QuantizedMatMul` in TensorFlow

TensorFlow is an open source platform for machine learning. If QuantizedMatMul is given nonscalar input for: mina, maxa, minb, or maxb It gives a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit aca766ac7693bf29ed0df55ad6bfcc78f35e7f48. T...

5.9CVSS7.5AI score0.00423EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/16 8:10 p.m.9 views

CVE-2022-35963 `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

5.9CVSS6.3AI score0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/04/25 12:0 a.m.7 views

CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length...

7.5CVSS7.5AI score0.01779EPSS
Exploits0References6
OSV
OSV
added 2020/09/25 7:15 p.m.16 views

CVE-2020-15197

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.1AI score
Exploits0References3
OSV
OSV
added 2019/10/07 2:20 p.m.7 views

OPENSUSE-SU-2019:2278-1 Security update for dovecot23

This update for dovecot23 fixes the following issue: - CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. bsc1145559 - CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel bsc1133625. - CVE-2019-11494: Fixed a...

9.8CVSS8.6AI score0.62579EPSS
Exploits1References7
Rows per page
Query Builder