RUSTSEC-2022-0031 Panic due to improper UTF-8 indexing

When parsing untrusted rulex expressions, rulex may panic, possibly enabling a Denial of Service attack. This happens when the expression contains a multi- byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. The...

Panic due to improper UTF-8 indexing

When parsing untrusted rulex expressions, rulex may panic, possibly enabling a Denial of Service attack. This happens when the expression contains a multi- byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. The...

Google TensorFlow输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the presence of a non-numeric...

CVE-2022-29211 Segfault in TensorFlow if `tf.histogram_fixed_width` is called with NaN values

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain Not a Number NaN elements. The implementation assumes that all floating point operation...

CVE-2022-29211

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain Not a Number NaN elements. The implementation assumes that all floating point operation...

PT-2022-19464 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.histogram fixed width is vulnerable to a crash when the values...

AZL-9619 CVE-2021-4207 affecting package qemu for versions less than 6.2.0-13

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...

CVE-2022-0750

The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the thumbnailwidth, thumbnailheight, maximagewidth, and maximageheight parameters found in the /photoswipe-masonry.php file which allows authenticated attackers t...

PT-2022-13410 · WordPress · Photoswipe Masonry Gallery

Name of the Vulnerable Software and Affected Versions: Photoswipe Masonry Gallery WordPress plugin versions up to and including 1.2.14 Description: The issue arises from insufficient escaping and sanitization of the thumbnail width, thumbnail height, max image width, and max image height paramete...

GHSA-98J8-C9Q4-R38G Memory exhaustion in Tensorflow

Impact The implementation of StringNGrams can be used to trigger a denial of service attack by causing an OOM condition after an integer overflow: python import tensorflow as tf tf.rawops.StringNGrams data='123456', datasplits=0,1, separator='a'15, ngramwidths=, leftpad='', rightpad='',...

PYSEC-2022-93

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. ...

PYSEC-2022-148

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. ...

PYSEC-2022-112

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

PYSEC-2022-57

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

PYSEC-2022-112

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

PYSEC-2022-57

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

CVE-2022-21733

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

PT-2022-15073 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of StringNGrams can be used to trigger a denial of service...

Business Logic Errors in dolibarr/dolibarr

Description Dolibarr is vulnerable to Business Logic Errors in the Weight, Length x Width x Height, Area, Volume fields of a Product since these values can be negative numbers. Proof of Concept 1.After login, in the top menu bar, click Products 2.In the left menu bar, click List to view the list ...

CVE-2021-41497

Null pointer reference in CMSConservativeincrementobj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket...