CVE-2023-25658
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.
Source: CVE-2023-25658
[월:] 2023년 03월
CVE-2023-25673
CVE-2023-25673
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Source: CVE-2023-25673
CVE-2023-25659
CVE-2023-25659
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Source: CVE-2023-25659
CVE-2023-27042
CVE-2023-27042
Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg.
Source: CVE-2023-27042
CVE-2023-23149
CVE-2023-23149
DEK-1705 <=Firmware:34.23.1 device was discovered to have a command execution vulnerability.
Source: CVE-2023-23149
CVE-2022-45597
CVE-2022-45597
ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.
Source: CVE-2022-45597
CVE-2023-27055
CVE-2023-27055
Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access sensitive files via a crafted GET request.
Source: CVE-2023-27055
CVE-2023-28150
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
Source: CVE-2023-28150
CVE-2023-26864
CVE-2023-26864
SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent.
Source: CVE-2023-26864
CVE-2023-1583
CVE-2023-1583
A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash.
Source: CVE-2023-1583