CVE | Vendors | Products | Updated | CVSS v3.1 |
TensorFlow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes `axis + 1`, an attacker can trigger an integer overflow. The fix will be included in TensorFlow 2.8.0. We will also cherry-pick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. |
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
Windows Workstation Service Elevation of Privilege Vulnerability |
DHCP Server Service Remote Code Execution Vulnerability |
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
Secure Boot Security Feature Bypass Vulnerability |
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
Secure Boot Security Feature Bypass Vulnerability |
Azure Kinect SDK Remote Code Execution Vulnerability |
Windows Filtering Platform Elevation of Privilege Vulnerability |
Secure Boot Security Feature Bypass Vulnerability |
Secure Boot Security Feature Bypass Vulnerability |
Secure Boot Security Feature Bypass Vulnerability |
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. |
afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. |
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. |
Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) |