108 matches found
CVE-2024-20150
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018...
CVE-2024-20149
CVE-2024-20149 affects the Modem component, with an input validation flaw that can cause a remote denial of service (no privileges, no user interaction needed). The vulnerability is associated with a network-based attack vector and a high impact on availability (CVSS 3.1 base score 7.5). Affected...
CVE-2024-20077
CVE-2024-20077 affects MediaTek Modem. The issue is due to incorrect error handling in the Modem, which can cause a remote system crash and denial of service without requiring privileges or user interaction. Exploitation would use a network vector (AV:N, AC:L, PR:N, UI:N) and could impact availab...
PT-2024-28309 · Rjrodger · Jsonic-Next
Name of the Vulnerable Software and Affected Versions: rjrodger jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties, leveraging a prototype pollution vulnerability in the empty function...
PT-2024-1924
Name of the Vulnerable Software and Affected Versions QEMU versions 7.1.0 through 8.2.1 Description The issue is related to a buffer overflow in the register vfs function in hw/pci/pcie sriov.c of the QEMU hardware emulator. This occurs when a guest writes NumVFs greater than TotalVFs, leading to...
Out-of-bounds
In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108...
PT-2023-4757
Name of the Vulnerable Software and Affected Versions angular versions 1.0.0 and later Description The issue is related to the $resource service in angular, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service ReDoS when a large, carefully-crafted inp...
PT-2022-5611
Name of the Vulnerable Software and Affected Versions LibTIFF affected versions not specified Description A critical issue was found in LibTIFF, affecting the TIFFReadRGBATileExt function in the libtiff/tif getimage.c file. This issue is related to an integer overflow and can be exploited remotel...
PT-2022-21872 · Hiwin · Hiwin Robot System
Name of the Vulnerable Software and Affected Versions: HIWIN Robot System Software version 3.3.21.9869 Description: The issue arises from the software's failure to properly address the terminated command source. This allows an attacker to craft code that can disconnect the HIWIN Robot System...
CVE-2022-39271 Traefik HTTP/2 connections management could cause a denial of service
Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure...
CVE-2022-35993
TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...
CVE-2022-35990 `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient` in TensorFlow
TensorFlow is an open source platform for machine learning. When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow
TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35981 `CHECK` fail in `FractionalMaxPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. FractionalMaxPoolGrad validates its inputs with CHECK failures instead of with returning errors. If it gets incorrectly sized inputs, the CHECK failure can be used to trigger a denial of service attack. We have patched the issue in GitHu...
CVE-2022-35973 Segfault in `QuantizedMatMul` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedMatMul is given nonscalar input for: mina, maxa, minb, or maxb It gives a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit aca766ac7693bf29ed0df55ad6bfcc78f35e7f48. T...
CVE-2022-35963 `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...
CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP
PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length...
CVE-2020-15197
In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...
OPENSUSE-SU-2019:2278-1 Security update for dovecot23
This update for dovecot23 fixes the following issue: - CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. bsc1145559 - CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel bsc1133625. - CVE-2019-11494: Fixed a...