CVE-2022-21819

NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of...

CVE-2022-20049

In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679...

MediaTek 多款产品安全漏洞

MediaTek Mt Series is a series of smartphone chips from China's MediaTek. A security vulnerability exists in several MediaTek products, which stems from a lack of privilege checking in the vpu, and may lead to privilege escalation. The following products and versions are affected:...

PT-2022-13468 · Pypi · Pytorch-Lightning

Name of the Vulnerable Software and Affected Versions: PyTorch Lightning versions prior to 1.6.0 Description: The issue allows for code injection, potentially enabling an attacker to execute commands on the target operating system. This can be achieved by setting the PL TRAINER GPUS variable when...

ARM Mali GPU 缓冲区错误漏洞

ARM Mali GPUs are a family of mobile display chipsets GPUs from the British company ARM. Like other 3D display chips based on IP cores embedded technology, the Mali display chipset does not provide a display controller similar to a graphics card specifically designed to drive an LCD monitor to...

The vulnerability of Google Chrome’s GPU component allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s GPU component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

Justice Department Appoints First Director of National Cryptocurrency Enforcement Team

The U.S. Department of Justice DoJ earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team NCET it established last year. The NCET was created to tackle the criminal misuse of cryptocurrencies and digital assets," with a focus on...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome GPU, which can be exploited by an attacker to execute arbitrary code on a system or cause a denial of service condition...

com.ericsson.bss.cassandra.ecaudit:ecaudit_c3.11 (>=2.7.0 <=2.8.0), com.ibm.fhir:fhir-term-graph (>=4.9.2 <=4.10.2) +64 more potentially affected by CVE-2021-44521 via org.apache.cassandra:cassandra-all (>=3.11.0 <=3.11.11)

org.apache.cassandra:cassandra-all MAVEN version =3.11.0, =2.7.0, =4.9.2, =4.10.0, =3.11, =3.11, =3.11, =0.3.3, =0.4.0, =0.10.0, =3.11.0.0, =2.3, =5.3.0, =6.1.0 and more Source cves: CVE-2021-44521 Source advisory: OSV:GHSA-8FFC-79XG-29W8...

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21725 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21725 Source advisory: OSV:GHSA-V3F7-J968-4H5F...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21740 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21740 Source advisory:...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21738 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21738 Source advisory:...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-23568 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-23568 Source advisory: OSV:GHSA-6445-FM66-FVQ2...

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23573 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23573 Source advisory: OSV:GHSA-Q85F-69Q7-55H2...

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23574 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...

CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

HUAWEI EMUI 安全漏洞

Huawei EMUI is an Android-based mobile operating system developed by the Chinese company Huawei Huawei. Huawei EMUI suffers from a code execution vulnerability that originates from a security privilege misconfiguration vulnerability in ACPU. An attacker can exploit this vulnerability to execute...

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23580 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23580 Source advisory: OSV:GHSA-627Q-G293-49Q7...

CVE-2022-21813

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service...