Lodestar 输入验证错误漏洞

Lodestar is a TypeScript implementation of Ethernet consensus. Versions of Lodestar prior to 0.36.0 suffer from an input validation error vulnerability that stems from the inclusion of maliciously crafted AttesterSlashing or ProposerSlashing on the chain, which may have a consensus split...

OSV-2022-394 Incorrect-function-pointer-type in cv::split

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47190 Crash type: Incorrect-function-pointer-type Crash state: cv::split cv::split TestSplitAndMerge...

CVE-2022-22191

A Denial of Service DoS vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet...

RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) (RHSA-2022:0988)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0988 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 golang:...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) security update

An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) (RHSA-2022:0998)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0998 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 crypto/tls:...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) security update

An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc USA. Google Chrome suffers from a resource management error vulnerability that stems from post-release reuse in split screen...

GHSA-43Q8-3FV7-PR5X Improper Validation of Integrity Check Value in TensorFlow

Impact The implementation of tf.sparse.split does not fully validate the input arguments. Hence, a malicious user can trigger a denial of service via a segfault or a heap OOB read: python import tensorflow as tf data = tf.random.uniform1, 32, 32, dtype=tf.float32 axis = 1, 2 x =...

SUSE: Security Advisory (SUSE-SU-2022:0283-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Two pairs can have same tokens

Handle sirhashalot Vulnerability details Impact The createLPoolPair function in ControllerV1.sol tries to prevent a pair from being create if it already exists. It does this with the statement requirelpoolPairstoken0token1.lpool0 == address0 || lpoolPairstoken1token0.lpool0 == address0, 'pool pai...

SAFARI Montage 注入漏洞

SAFARI Montage is a formative assessment tool from safarimontage that enables instructors to check students' understanding of topics or concepts during a course. SAFARI Montage version 8.7.32 suffers from an injection vulnerability that stems from the application not doing strict validation of us...

PYSEC-2021-868

An issue was discovered in splitregion in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw exists within the...

py39-unicorn -- sandbox escape and arbitrary code execution vulnerability

jwang-a reports: An issue was discovered in splitregion in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw...

OSV-2021-1690 Global-buffer-overflow in search_table_1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42266 Crash type: Global-buffer-overflow READ 1 Crash state: searchtable1 splitbogusoperator pdfiinterpretstreamoperator...

GHSA-9CRF-C6QR-R273 Integer division by 0 in `tf.raw_ops.AllToAll`

Impact The shape inference code for AllToAll can be made to execute a division by 0: python import tensorflow as tf @tf.function def func: return tf.rawops.AllToAll input=0.0, 0.1652, 0.6543, groupassignment=1, -1, concatdimension=0, splitdimension=0, splitcount=0 func This occurs whenever the...

Swaps are not split when trade crosses target price

Handle cmichel Vulnerability details The protocol uses two amplifier values A1 and A2 for the swap, depending on the target price, see SwapUtils.determineA. The swap curve is therefore a join of two different curves at the target price. When doing a trade that crosses the target price, it should...

kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check

An issue was discovered in splithugepmd in mm/hugememory.c in the Linux kernel. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check...

PYSEC-2021-410

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

PYSEC-2021-410

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...