CVE-2021-29591

TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be...

PT-2021-18342 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: TensorFlow is an end-to-end open source...

Huawei EulerOS: Security Advisory for nasm (EulerOS-SA-2021-1820)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

cumulative-distribution-function is vulnerable to denial of service. An attacker is able to send improper data such as invalid non-numeric or string data to cause an infinite while-loop in the function for evaluating the cumulative-distribution-function of input data, potentially resulting in an...

EulerOS 2.0 SP3 : nasm (EulerOS-SA-2021-1820)

According to the versions of the nasm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to...

EulerOS 2.0 SP5 : nasm (EulerOS-SA-2020-2556)

According to the versions of the nasm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to...

EulerOS 2.0 SP8 : nasm (EulerOS-SA-2020-2521)

According to the versions of the nasm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to...

EulerOS 2.0 SP9 : nasm (EulerOS-SA-2020-2434)

According to the versions of the nasm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Netwide Assembler NASM 2.14rc16 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for the special cases of the % and $ and !...

EulerOS 2.0 SP9 : nasm (EulerOS-SA-2020-2416)

According to the versions of the nasm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Netwide Assembler NASM 2.14rc16 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for the special cases of the % and $ and !...

diskmoe.com Cross Site Scripting vulnerability OBB-1414911

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

PT-2020-20794 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5 iPadOS versions prior to 13.5 Description: An issue existed in the pausing of FaceTime video, where a user's video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. The...

hilyses.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1160428 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:2248-1 Rating: important References: 1140868 1141322 1149296 1149297 1149298 1149299 1149303 1149304 1150939 1152375 Cross-References: CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712...

Tips for a Cyber Safe Vacation

As summer nears, many people will soon be taking vacations. When planning vacations, users should be aware of potential rental scams and “free” vacation ploys. Travelers should also keep in mind risks related to travelling with mobile devices. The Cybersecurity and Infrastructure Security Agency...

macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomic

/ vmmapcopyininternal in vmmap.c converts a region of a vmmap into "copied in" form, constructing a vmmapcopy structure representing the copied memory which can then be mapped into another vmmap or the same one. The function contains a while loop which walks through each of the vmmapentry...

Integer overflow

Netwide Assembler NASM 2.14rc0 has an endless while loop in the assemblefile function of asm/nasm.c because of a globallineno integer overflow...

Fedora 27 : php (2018-12f92ff831)

PHP version 7.1.16 29 Mar 2018 Core: - Fixed bug php76025 Segfault while throwing exception in errorhandler. Dmitry, Laruence - Fixed bug php76044 'date: illegal option -- -' in ./configure on FreeBSD. Anatol FPM: - Fixed bug php75605 Dumpable FPM child processes allow bypassing opcache access...

shop.obkladypasek.cz XSS vulnerability

Open Bug Bounty ID: OBB-582520 Description| Value ---|--- Affected Website:| shop.obkladypasek.cz Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...