Total
3123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23575 | 1 Google | 1 Tensorflow | 2024-11-21 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-23568 | 1 Google | 1 Tensorflow | 2024-11-21 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-23567 | 1 Google | 1 Tensorflow | 2024-11-21 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or `CHECK`-fails when building new `TensorShape` objects (so, assert failures based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-23562 | 1 Google | 1 Tensorflow | 2024-11-21 | 7.6 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-23559 | 1 Google | 1 Tensorflow | 2024-11-21 | 8.8 High |
| Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version. | ||||
| CVE-2022-23558 | 1 Google | 1 Tensorflow | 2024-11-21 | 7.6 High |
| Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-22976 | 4 Netapp, Oracle, Redhat and 1 more | 5 Active Iq Unified Manager, Financial Services Crime And Compliance Management Studio, Jboss Fuse and 2 more | 2024-11-21 | 5.3 Medium |
| Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. | ||||
| CVE-2022-22827 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 8.8 High |
| storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22826 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 8.8 High |
| nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22825 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 8.8 High |
| lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22824 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 9.8 Critical |
| defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22823 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 9.8 Critical |
| build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22822 | 5 Debian, Libexpat Project, Redhat and 2 more | 6 Debian Linux, Libexpat, Enterprise Linux and 3 more | 2024-11-21 | 9.8 Critical |
| addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||||
| CVE-2022-22721 | 6 Apache, Apple, Debian and 3 more | 11 Http Server, Mac Os X, Macos and 8 more | 2024-11-21 | 9.1 Critical |
| If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. | ||||
| CVE-2022-22105 | 1 Qualcomm | 102 Apq8009, Apq8009 Firmware, Apq8017 and 99 more | 2024-11-21 | 9.4 Critical |
| Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music | ||||
| CVE-2022-22089 | 1 Qualcomm | 45 Ar8035, Ar8035 Firmware, Qca8081 and 42 more | 2024-11-21 | 8.4 High |
| Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-22081 | 1 Qualcomm | 59 Ar8035, Ar8035 Firmware, Qca6595au and 56 more | 2024-11-21 | 8.4 High |
| Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-22078 | 1 Qualcomm | 134 Aqt1000, Aqt1000 Firmware, Ar8035 and 131 more | 2024-11-21 | 4.6 Medium |
| Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-22074 | 1 Qualcomm | 307 Apq8009, Apq8009 Firmware, Apq8009w and 304 more | 2024-11-21 | 8.4 High |
| Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2022-21821 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 7.8 High |
| NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity. | ||||