• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2022-23584
    CVE-2022-23584
    Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(decode)` gets called, the values of ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-23585
    CVE-2022-23585
    Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., decode)`, the ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-23586
    CVE-2022-23586
    Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash th ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-23587
    CVE-2022-23587
    Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Sinc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23588
    CVE-2022-23588
    Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-23589
    CVE-2022-23589
    Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-23590
    CVE-2022-23590
    Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering a `StatusOr` ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-23591
    CVE-2022-23591
    Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a ` ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23592
    CVE-2022-23592
    Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during produ ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:8 | 回复:0
  • CVE-2022-23593
    CVE-2022-23593
    Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if calle ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:12 | 回复:0
  • CVE-2022-23594
    CVE-2022-23594
    Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming `GraphDef` before converting it to the MLIR-based dialect. If ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:11 | 回复:0
  • CVE-2022-23595
    CVE-2022-23595
    Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:10 | 回复:0
  • CVE-2022-23600
    CVE-2022-23600
    fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:9 | 回复:0
  • CVE-2022-23605
    CVE-2022-23605
    Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. I ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23609
    CVE-2022-23609
    iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file delet ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23611
    CVE-2022-23611
    iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injectio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23614
    CVE-2022-23614
    Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23805
    CVE-2022-23805
    A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and cra ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23913
    CVE-2022-23913
    In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23946
    CVE-2022-23946
    A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerbe ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:6 | 回复:0
  • CVE-2022-23947
    CVE-2022-23947
    A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerbe ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23980
    CVE-2022-23980
    Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions = 2.9.9), vulnerable at parameter 'source'.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-24113
    CVE-2022-24113
    Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:6 | 回复:0
  • CVE-2022-24114
    CVE-2022-24114
    Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (mac ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:6 | 回复:0
  • CVE-2022-24115
    CVE-2022-24115
    Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:6 | 回复:0
  • CVE-2022-0437
    CVE-2022-0437
    Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-0501
    CVE-2022-0501
    Cross-site Scripting (XSS) - Reflected in Packagist ptrofimov/beanstalk_console prior to 1.7.12.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2021-38172
    CVE-2021-38172
    perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.)……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-0502
    CVE-2022-0502
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:7 | 回复:0
  • CVE-2022-23206
    CVE-2022-23206
    In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:8 | 回复:0
  • CVE-2007-20001
    CVE-2007-20001
    StarWind iSCSI SAN before 3.5 build 2007-08-09 allows socket exhaustion.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:8 | 回复:0
  • CVE-2013-20004
    CVE-2013-20004
    StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:8 | 回复:0
  • CVE-2021-39280
    CVE-2021-39280
    Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:10 | 回复:0
  • CVE-2021-41816
    CVE-2021-41816
    CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different nu ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:12 | 回复:0
  • CVE-2022-22831
    CVE-2022-22831
    An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:13 | 回复:0
  • CVE-2022-22832
    CVE-2022-22832
    An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-24551
    CVE-2022-24551
    StarWind SAN and NAS before 0.2 build 1685 allows users to reset other users' passwords.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-24552
    CVE-2022-24552
    StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk management command.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-22833
    CVE-2022-22833
    An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-22680
    CVE-2022-22680
    Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive informatio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap