CVE-2022-36015 TensorFlow is an open source platform for machine learning. When RangeSize receives values that don't fit into an int64_t, it crashes. We have patched the issue in a GitHub commit.
If you are on TensorFlow 2.9.1, TensorFlow 2.8.1, or TensorFlow 2.7.2, please update your installations immediately. You can also
CVE-2022-36003 TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input and rates, it gives a CHECK fail that can trigger a DDoS attack.
When the `RandomPoissonV2` estimator receives a large input shape and rates, it gives a `CHECK` fail and stops training. The fix is cherry-picking this commit
CVE-2022-29240 Scylla is a real-time big data database compatible with Cassandra and DynamoDB. When decompressing CQL frames, the user's provided uncompressed length is assumed to be correct.
3. Attacker that has access to user account and has full privileges can also read uninitialized memory, but then they can also read any memory
CVE-2022-40439 An memory leak issue was found in Bento4 AP4_StdcFileByteStream::Create, which can be used to cause a denial of service.
A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via
CVE-2022-40674 libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
This may lead to denial of service or potentially remote code execution.
To fix this problem, update your php installations to version 7.1.9
Episode
00:00:00
00:00:00