Free Trial

CVE-2022-24294 : APACHE MXNET UP TO 1.9.0 OPERATOR NAME RESOURCE CONSUMPTION

Description

A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1.

References

https://lists.apache.org/thread/b1fbfmvzlr2bbp95lqoh3mtovclfcl3o

http://www.openwall.com/lists/oss-security/2022/07/24/2

For More Information

MITRE

Common Vulnerabilityies and Exposures

CVE-2022-24294 : APACHE MXNET UP TO 1.9.0 OPERATOR NAME RESOURCE CONSUMPTION
CVE-2022-24294 : APACHE MXNET UP TO 1.9.0 OPERATOR NAME RESOURCE CONSUMPTION

Contact us to get started

CVE-2023-6514 : HUAWEI AJMD-370S 103.1.0.110(SP12C00E2R1P2) BLUETOOTH MODULE LOGIC ERROR

CVE-2023-6514 : HUAWEI AJMD-370S 103.1.0.110(SP12C00E2R1P2) BLUETOOTH MODULE LOGIC ERROR

Description The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this

Learn more
CVE-2023-22523 : ATLASSIAN ASSETS DISCOVERY CLOUD ASSETS DISCOVERY AGENT REMOTE CODE EXECUTION

CVE-2023-22523 : ATLASSIAN ASSETS DISCOVERY CLOUD ASSETS DISCOVERY AGENT REMOTE CODE EXECUTION

Description This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets

Learn more
CVE-2023-49070 : APACHE OFBIZ UP TO 18.12.9 CODE INJECTION

CVE-2023-49070 : APACHE OFBIZ UP TO 18.12.9 CODE INJECTION

Description Pre-auth RCE in Apache Ofbiz 18.12.09. It’s due to XML-RPC no longer maintained still present. This issue affects Apache

Learn more