• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2022-0481
    CVE-2022-0481
    NULL Pointer Dereference in Homebrew mruby prior to 3.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-0484
    CVE-2022-0484
    Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. An attacker could ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0487
    CVE-2022-0487
    A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-0498
    CVE-2022-0498
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-22150
    CVE-2022-22150
    A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly h ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-22689
    CVE-2022-22689
    CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileg ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-22722
    CVE-2022-22722
    A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active contro ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-22723
    CVE-2022-22723
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-22724
    CVE-2022-22724
    A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502 (Modbus), when sending a large number of TCP RST or FIN packets to any ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-22725
    CVE-2022-22725
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:22 | 回复:0
  • CVE-2022-22726
    CVE-2022-22726
    A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected P ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:27 | 回复:0
  • CVE-2022-22727
    CVE-2022-22727
    A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user?s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:26 | 回复:0
  • CVE-2022-22804
    CVE-2022-22804
    A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could allow an authenticated attacker to view data, change settings, or ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:26 | 回复:0
  • CVE-2022-22939
    CVE-2022-22939
    VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:25 | 回复:0
  • CVE-2022-22987
    CVE-2022-22987
    The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:22 | 回复:0
  • CVE-2022-23379
    CVE-2022-23379
    Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-23557
    CVE-2022-23557
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-23558
    CVE-2022-23558
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:33 | 回复:0
  • CVE-2022-23559
    CVE-2022-23559
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_siz ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:34 | 回复:0
  • CVE-2022-23560
    CVE-2022-23560
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:47 | 回复:0
  • CVE-2022-23561
    CVE-2022-23561
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the l ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:58 | 回复:0
  • CVE-2022-23562
    CVE-2022-23562
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large alloc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:55 | 回复:0
  • CVE-2022-23563
    CVE-2022-23563
    Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and librarie ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:66 | 回复:0
  • CVE-2022-23564
    CVE-2022-23564
    Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:62 | 回复:0
  • CVE-2022-23565
    CVE-2022-23565
    Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are d ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:92 | 回复:0
  • CVE-2022-23566
    CVE-2022-23566
    Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:244 | 回复:0
  • CVE-2022-23570
    CVE-2022-23570
    Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are mis ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:125 | 回复:0
  • CVE-2022-23571
    CVE-2022-23571
    Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlle ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:65 | 回复:0
  • CVE-2022-23572
    CVE-2022-23572
    Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the `DCHECK` function however ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:61 | 回复:0
  • CVE-2022-23573
    CVE-2022-23573
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implem ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:74 | 回复:0
  • CVE-2022-23574
    CVE-2022-23574
    Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mut ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:69 | 回复:0
  • CVE-2022-23575
    CVE-2022-23575
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation w ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:49 | 回复:0
  • CVE-2022-23576
    CVE-2022-23576
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation w ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:46 | 回复:0
  • CVE-2022-23577
    CVE-2022-23577
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:42 | 回复:0
  • CVE-2022-23578
    CVE-2022-23578
    Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item-kernel ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:32 | 回复:0
  • CVE-2022-23579
    CVE-2022-23579
    Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:28 | 回复:0
  • CVE-2022-23580
    CVE-2022-23580
    Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:30 | 回复:0
  • CVE-2022-23581
    CVE-2022-23581
    Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` woul ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:28 | 回复:0
  • CVE-2022-23582
    CVE-2022-23582
    Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that `TensorByteSize` would trigger `CHECK` failures. `TensorSha ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:30 | 回复:0
  • CVE-2022-23583
    CVE-2022-23583
    Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that any binary op would trigger `CHECK` failures. This occurs w ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:26 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap