130 matches found
checkAfterExecution() function has a design flaw
Lines of code Vulnerability details Impact checkAfterExecution function has a design flaw. It may cause some danger problem, such as ,signers can change the threshold of the vault, giving themselves increased control over future transactions and breaking an important trust assumption of the...
Lack of an option in DestinationBridge.sol to cancel a transaction can lead to unwanted transactions
Lines of code Vulnerability details Impact DestinationBridge.sol is for handling calls from Axelar Gateway and must be deployed in the destination chain. DestinationBridge.sol requires that the address from which Axelar messages are sent must be registered in the recipient's contract. Once a...
Rebalancing may overshoot
Lines of code Vulnerability details Impact A rebalance operation may overshoot, bringing the percentage outside the thresholds. Proof of Concept There are contractual limitations on the rebalance operations. It is assumed that these are put in place to ensure that the Rebalance Defender bot is no...
Rebalance amounts should be checked so that updated balances falls within thresholds
Lines of code Vulnerability details Rebalance amounts should be checked so that updated balances falls within thresholds Rebalance operations are allowed when the current percentage of xETH in the Curve pool is outside the defined thresholds. However, there is no check to ensure that the amount o...
SUSE CVE-2021-29535
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization. This is because the...
SUSE CVE-2021-29537
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedResizeBilinear by passing in invalid thresholds for the quantization. This is because the...
PT-2022-18490 · Kingspan · Kingspan Tms300 Cs
Name of the Vulnerable Software and Affected Versions: Kingspan TMS300 CS versions affected versions not specified Description: The issue is due to the lack of adequately implemented access-control rules, allowing an attacker to view and modify application settings without authenticating by...
Preparing for Heightened Attacks in the Current Geopolitical Environment
The current geopolitical environment has raised many concerns about security postures and readiness to respond to a cyberattack. Today, Imperva customers are protected by our world-class network, application, and data security products. Alongside that, Imperva Threat Research is closely monitorin...
B. Braun SpaceCom2 安全漏洞
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to external devices to record data in a patient data management system, PC or USB memory stick.A security vulnerability exists in previous versions of B. Braun SpaceCom2 012U000062, which stems from the fact that publicly...
GHSA-8C89-2VWR-CHCQ Heap buffer overflow in `QuantizedResizeBilinear`
Impact An attacker can cause a heap buffer overflow in QuantizedResizeBilinear by passing in invalid thresholds for the quantization: python import tensorflow as tf images = tf.constant, shape=0, dtype=tf.qint32 size = tf.constant, shape=0, dtype=tf.int32 min = tf.constant, dtype=tf.float32 max =...
Heap buffer overflow in `QuantizedReshape`
Impact An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization: python import tensorflow as tf tensor = tf.constant, dtype=tf.qint32 shape = tf.constant, dtype=tf.int32 inputmin = tf.constant, dtype=tf.float32 inputmax = tf.constant,...
GHSA-2GFX-95X2-5V3X Heap buffer overflow in `QuantizedReshape`
Impact An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization: python import tensorflow as tf tensor = tf.constant, dtype=tf.qint32 shape = tf.constant, dtype=tf.int32 inputmin = tf.constant, dtype=tf.float32 inputmax = tf.constant,...
GHSA-M3F9-W3P3-P669 Heap buffer overflow in `QuantizedMul`
Impact An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization: python import tensorflow as tf x = tf.constant256, 328, shape=1, 2, dtype=tf.quint8 y = tf.constant256, 328, shape=1, 2, dtype=tf.quint8 minx = tf.constant, dtype=tf.float32...
openSUSE Security Update : monitoring-plugins-smart (openSUSE-2021-706)
This update for monitoring-plugins-smart fixes the following issues : monitoring-plugins-smart was updated to 6.9.1 : This is a security-release boo1183057 + Fixes the regular expression for pseudo-devices under the /dev/bus/N path. from 6.9.0 + Allows using PCI device paths as device names 64 +...
CVE-2021-29535
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization. This is because the...
CVE-2021-29536
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...
PYSEC-2021-661
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization. This is because the...
PYSEC-2021-173
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...
PYSEC-2021-464
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...
PYSEC-2021-663
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedResizeBilinear by passing in invalid thresholds for the quantization. This is because the...