‼ CVE-2023-25660 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25663 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25659 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25672 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25666 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25671 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25674 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25669 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-27579 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25676 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25668 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.📖 Read
via "National Vulnerability Database".
❤1🔥1
‼ CVE-2023-1629 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in Jianming Antivirus 16.2.2022.418. Affected by this vulnerability is an unknown functionality in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224011.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1627 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has been rated as problematic. This issue affects some unknown processing in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier VDB-224009 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1631 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in Jianming Antivirus 16.2.2022.418. This affects an unknown part in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224013 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1628 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1626 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has been declared as critical. This vulnerability affects unknown code in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224008.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1630 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, has been found in Jianming Antivirus 16.2.2022.418. Affected by this issue is some unknown functionality in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224012.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1632 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This vulnerability affects unknown code of the file /PROD_ar/twbkwbis.P_FirstMenu of the component Login Page. The manipulation of the argument PIDM/WEBID leads to improper authorization. The attack can be initiated remotely. After submitting proper login credentials it becomes possible to generate new valid session identifiers on the OTP page. VDB-224014 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-10097 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in grinnellplans-php up to 3.0. It has been declared as critical. Affected by this vulnerability is the function interface_disp_page/interface_disp_page of the file read.php. The manipulation leads to sql injection. The attack can be launched remotely. The name of the patch is 57e4409e19203a94495140ff1b5a697734d17cfb. It is recommended to apply a patch to fix this issue. The identifier VDB-223801 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1635 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in OTCMS 6.72. It has been declared as problematic. Affected by this vulnerability is the function AutoRun of the file apiRun.php. The manipulation of the argument mode leads to cross site scripting. The attack can be launched remotely. The identifier VDB-224017 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1634 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the function UseCurl of the file /admin/info_deal.php of the component URL Parameter Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224016.📖 Read
via "National Vulnerability Database".