PYSEC-2020-258

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

PYSEC-2020-258

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

PT-2020-18311 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.1 TensorFlow versions prior to 2.0.1 Description: Converting a string to a tf.float16 value results in a segmentation fault in eager mode, as format checks for this use case are only in graph mode. This issue...

UBUNTU-CVE-2019-9942

A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the toString method on an object even if not allowed by the security policy in place...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. Remediation There is no fixed version for podofo. References - Lists.fedoraproject.org - Sourceforge.net...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20180524)

This update upgrades Thunderbird to version 52.8.0. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Backport critical security fixes in Skia CVE-2018-5183 - Mozilla: Use-after-free with SVG animations and clip paths CVE-2018-5154 -...

Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20180515)

This update upgrades Firefox to version 52.8.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Backport critical security fixes in Skia CVE-2018-5183 - Mozilla: Use-after-free with SVG animations and clip paths CVE-2018-5154 -...

openSUSE: Security Advisory for quagga (openSUSE-SU-2018:0473-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Design/Logic Flaw

The Quagga BGP daemon bgpd prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input...

CVE-2018-5380

CVE-2018-5380 affects the Quagga BGP daemon (bgpd) prior to version 1.2.3, which can overrun internal BGP code-to-string conversion tables used for debug by one pointer value. The connected sources corroborate that this is one of several Quagga issues (CVE-2018-5378–5381) and show remediation pat...

Pivotal Spring AMQP Remote Code Execution Vulnerability

Spring AMQP is based on the Spring Framework AMQP messaging solution , providing templated send and receive messages to the abstraction layer , providing message-driven POJO-based message listening and so on. A remote code execution vulnerability exists in Pivotal Spring AMQP...

Artifex Software MuJS Memory Misreference Vulnerability

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA. A memory misreference vulnerability exists in the RptoString function in previous versions of Artifex Software MuJS 5c337af4b3df80cf967e4f9f6a21522de84b392a, which can be exploited by an attacker to execute...

Return to libstagefright: exploiting libutils on Android

Posted by Mark Brand, Invalidator of Unic�o�d�e I’ve been investigating different fuzzing approaches on some Android devices recently, and this turned up the following rather interesting bug CVE 2016-3861 fixed in the most recent Android Security Bulletin, deep in the bowels of the usermode Andro...

CVE-2016-2380

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a...

Adobe Flash - Object.unwatch Use-After-Free

Adobe Flash - Object.unwatch Use-After-Free Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=716 https://googleprojectzero.blogspot.ca/2016/03/life-after-isolated-heap.html The bug is an uninitialized variable in the fix to an ActionScript 2 use-after-free bug. Roughly 80 of the...

IBM DB2 DTS To String Conversion - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11400/info IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty formatting string is...

Critical: ruby

Issue Overview: Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a string that...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2513)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2513 advisory. - wakeupprocess should be never used to wakeup a TASKSTOPPED/TRACED task Oleg Nesterov Orabug: 16405869 CVE-2013-0871 - ptrace: ensure...

wireshark: NULL pointer vulnerabilities (wnpa-sec-2012-02)

Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet, related to epan/tostr.c...

wireshark: NULL pointer vulnerabilities (wnpa-sec-2012-02)

Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet, related to epan/tostr.c...