CVE-2021-37677
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.raw_ops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-292
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.raw_ops.UpperBound. The implementation does not validate the rank of sortedinput...
GHSA-97WF-P777-86JQ Division by zero in TFLite's implementation of Split
Impact: The implementation of the Split TFLite operator is vulnerable to a division by zero error: TF_LITE_ENSURE_MSG(context, input_size % num_splits == 0, "Not an even split"); const int slice_size = input_size / num_splits; An attacker can craft a model such that num_splits would be 0. Patches: We have...
PYSEC-2021-256
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments (e.g., discovered via fuzzing) to tf.raw_ops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...
PT-2021-18367 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The implementation of TrySimplify has undefined behavior due to dereferencing a null pointer i...
GHSA-WM47-8V5P-WJPJ Possible request smuggling in HTTP/2 due missing validation
Impact: If a Content-Length header is present in the original HTTP/2 request, the field is not validated by Http2MultiplexHandler as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the...
PT-2021-1885 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation coul...
PYSEC-2020-272
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.to_dlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...
UBUNTU-CVE-2020-11025
In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a min...
CVE-2020-5290
In RedpwnCTF before version 2.3, there is a session fixation vulnerability exploitable through the token=$ssid hash when making a request to the /verify endpoint. An attacker team could potentially steal flags by, for example, exploiting a stored XSS payload in a CTF challenge so that victim...
ARP Spoofing in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for the Inspector to be susceptible to ARP spoofing. Ref: CVE-2019-15022 The vulnerability allows for an attacker to perform ARP spoofing attacks against the Zingbox Inspector. This issue affects Zingbox Inspector, versions 1.294 an...
EUVD-2019-2617
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation...
PT-2019-4926
Name of the Vulnerable Software and Affected Versions: libmspack version 0.9.1alpha Description: The issue is caused by a buffer overflow in the chmd_read_headers function in the libmspack library, which can allow a remote attacker to disclose protected information using a specially crafted chm fil...
AST-2011-006: Asterisk Manager User Shell Access
Asterisk Project Security Advisory - AST-2011-006 Product Asterisk Summary Asterisk Manager User Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known Yes Reported On February 10, 2011 Reported By Mark Murawski markm AT...
Solaris Update for Supplemental Encryption Kerberos V5 112240-13
Check for the Version of Supplemental Encryption Kerberos V5 OpenVAS Vulnerability Test Solaris Update for Supplemental Encryption Kerberos V5 112240-13 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
DSA-1784-1 freetype - arbitrary code execution
Bulletin has no description...
Mandrake Linux Security Advisory : MySQL (MDKSA-2003:094)
A buffer overflow was discovered in MySQL that could be executed by any user with 'ALTER TABLE' privileges on the 'mysql' database. If successfully exploited, the attacker could execute arbitrary code with the privileges of the user running the mysqld process (mysqld). The 'mysql' database is used ...
mutt remote exploit patched
An exploitable overflow has been found in the address handling code of the mutt mail client version 1.2.5i supplied with Slackware 8.0. A new mutt-1.2.5.1 has been released which addresses this problem, and packages are now available for Slackware 8.0 and -current. We urge all Slackware users to...