Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2023-29934: [mlir] convert-scf-to-spirv Pass crashed with segmentation fault · Issue #59136 · llvm/llvm-project

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

CVE
Open in Source
#mac#git
CVE-2023-29933: [mlir] One shot bufferize crashed with segmentation fault. · Issue #59442 · llvm/llvm-project

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

CVE-2023-29939: [mlir] spirv-lower-abi-attrs crashes with segmentation faults · Issue #59983 · llvm/llvm-project

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).

CVE-2023-29942: [mlir] Convert-spirv-to-llvm Pass trigger Segmentation fault in LLVMStructType verifier · Issue #59990 · llvm/llvm-project

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

CVE-2023-29935: [mlir] gpu-to-llvm Pass crashed with error message "Assertion failed: (!replacements.count(op) && "operation was already replaced")" · Issue #59182 · llvm/llvm-project

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

CVE-2023-29941: [mlir] Sparse-buffer-rewrite pass crashes with Segmentation fault · Issue #59988 · llvm/llvm-project

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter legitimate banking transfers performed by the victims by changing the beneficiary and transferring

N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks

The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. "[ReconShark] is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading to document downloads, and the execution of malicious macros," SentinelOne researchers Tom Hegel

CVE-2023-2535: Security Advisories | KNIME

Sensitive information exposure in the Web Frontend of KNIME Business Hub until 1.X allows an unauthenticated attacker to extract information about the system. By making a request to a non-existent URL the system will sensitive information to the caller such as internal IP addresses, hostnames, Istio metadata, internal file paths and more. The problem is fixed in KNIME Business Hub 1.xxx. There is no workaround for previous versions.

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credited Catalpa of DBappSecurity for reporting the shortcoming. The product in question makes it possible