Page 27 of 3272 results (0.018 seconds)

CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period. Un subdesbordamiento de enteros en dpdk versiones anteriores a 18.11.10 y anteriores a 19.11.5 en la función "move_desc" puede conllevar a que sean consumidos grandes cantidades de ciclos de CPU en un bucle de larga ejecución. Un atacante podría causar que "move_desc" se atasque en un bucle de iteración de 4.294.967.295 conteos. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html http://www.openwall.com/lists/oss-security/2021/01/04/1 http://www.openwall.com/lists/oss-security/2021/01/04/2 http://www.openwall.com/lists/oss-security/2021/01/04/5 https://bugzilla.redhat.com/show_bug.cgi?id=1879473 https://usn.ubuntu.com/4550-1 https://www.openwall.com/lists/oss-security/2020/09/28/3 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en dpdk en versiones anteriores a 18.11.10 y anteriores a 19.11.5. Una comprobación de límites fallida en la función copy_data conlleva a un desbordamiento del búfer que permite a un atacante en una máquina virtual escribir datos arbitrarios en cualquier dirección en la aplicación vhost_crypto. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html http://www.openwall.com/lists/oss-security/2021/01/04/1 http://www.openwall.com/lists/oss-security/2021/01/04/2 http://www.openwall.com/lists/oss-security/2021/01/04/5 https://bugzilla.redhat.com/show_bug.cgi?id=1879466 https://www.openwall.com/lists/oss-security/2020/09/28/3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. En los archivos rfb/CSecurityTLS.cxx y rfb/CSecurityTLS.java en TigerVNC versiones anteriores a 1.11.0, los espectadores manejan inapropiadamente las excepciones del certificado TLS. Almacenan los certificados como autoridades, lo que significa que el propietario de un certificado puede hacerse pasar por cualquier servidor después de que un cliente haya agregado una excepción • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00024.html https://bugzilla.opensuse.org/show_bug.cgi?id=1176733 https://github.com/TigerVNC/tigervnc/commit/20dea801e747318525a5859fe4f37c52b05310cb https://github.com/TigerVNC/tigervnc/commit/7399eab79a4365434d26494fa1628ce1eb91562b https://github.com/TigerVNC/tigervnc/commit/b30f10c681ec87720cff85d490f67098568a9cba https://github.com/TigerVNC/tigervnc/commit/f029745f63ac7d22fb91639b2cb5b3ab56134d6e https://githu • CWE-295: Improper Certificate Validation CWE-296: Improper Following of a Certificate's Chain of Trust •

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 1

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. http.client en Python 3.x antes de la versión 3.5.10, 3.6.x antes de la versión 3.6.12, 3.7.x antes de la versión 3.7.9, y 3.8.x antes de la versión 3.8.5 permite la inyección de CRLF si el atacante controla el método de petición HTTP, como se demuestra insertando caracteres de control CR y LF en el primer argumento de HTTPConnection.request A flaw was found in Python. The built-in modules httplib and http.client (included in Python 2 and Python 3, respectively) do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00027.html https://bugs.python.org/issue39603 https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BW4GCLQISJCOEGQNIMVUZDQMIY6RR6CC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDQ2THWU4GPV4Y5H5WW5PFMSWXL2CRFD https://lists.fedoraproject.org/ • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •

CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 1

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32` arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption. The issue is patched in commits 27b417360cbd671ef55915e4bb6bb06af8b8a832 and ca8c013b5e97b1373b3bb1c97ea655e69f31a575, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html https://github.com/tensorflow/tensorflow/commit/27b417360cbd671ef55915e4bb6bb06af8b8a832 https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575 https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4 • CWE-197: Numeric Truncation Error CWE-754: Improper Check for Unusual or Exceptional Conditions •