Lucene search
K

465 matches found

CVE
CVE
added 3 days ago6 views

CVE-2026-61460

Krayin CRM up to version 2.2.3 is affected by an insecure direct object reference vulnerability in LeadController, PersonController, OrganizationController, QuoteController, and ActivityController. The root cause is missing record-level ownership validation in edit, update, and destroy methods, e...

8.8CVSS6.1AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

PYSEC-2026-941 `CHECK` fail via inputs in `SdcaOptimizer`

Impact Inputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer. python import tensorflow as tf tf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

4.8CVSS7AI score0.0044EPSS
Exploits1References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-1021 `CHECK` fail via inputs in `PyFunc`

Impact An input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc. python import tensorflow as tf value = tf.constantvalue=1,2 token = b'\xb0' dataType = tf.int32 tf.rawops.PyFuncinput=value,token=token,Tout=dataType Patches We have patched the issue in GitHub...

4.8CVSS7AI score0.0045EPSS
Exploits1References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-1017 TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`

Impact If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf filename = tf.constant"" tensornames = tf.constant"" Save data = tf.casttf.random.uniformshape=1,...

5.9CVSS6.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-940 TensorFlow vulnerable to `CHECK` fail in `AvgPoolGrad`

Impact The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack: python import tensorflow as tf ksize = 1, 2, 2, 1 strides = 1, 2, 2, 1 padding = "VALID" dataformat = "NHWC"...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1006 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient`

Impact When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=None...

5.9CVSS5.9AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1036 TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation

Impact In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in CheckIsAlignedAndSingleElement. python import tensorflow as tf...

5.9CVSS5.9AI score0.00547EPSS
Exploits0References8
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1022 TensorFlow vulnerable to `CHECK` fail in `tf.random.gamma`

Impact When tf.random.gamma receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536 arg1=tf.random.uniformshape=4, 4, dtype=tf.float64, maxval=None...

5.9CVSS5.9AI score0.00405EPSS
Exploits0References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-1020 TensorFlow vulnerable to `CHECK` fail in `Unbatch`

Impact When Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=3, 3, 1, dtype=tf.float64 arg1=tf.constantvalue=np.random.randint0,100,size=3, 3, 1,...

5.9CVSS7AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-982 TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`

Impact When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536 arg1=tf.random.uniformshape=4, 4, 4, 4, 4, dtype=tf.float32, maxval=None...

5.9CVSS7AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

PYSEC-2026-1016 TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant`

Impact If RaggedTensorToVariant is given a rtnestedsplits list that contains tensors of ranks other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf batchedinput = True rtnestedsplits = tf.constant0,32,64, shape=3,...

5.9CVSS7AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 6 days ago4 views

PYSEC-2026-978 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel`

Impact If FakeQuantWithMinMaxVarsPerChannel is given min or max tensors of a rank other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf numbits = 8 narrowrange = False inputs = tf.constant0, shape=4, dtype=tf.float32 min ...

5.9CVSS7AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1019 TensorFlow vulnerable to `CHECK` failure in `AvgPoolOp`

Impact The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. python import tensorflow as tf import numpy as np value = np.ones1, 1, 1, 1 ksize = 1, 1e20, 1, 1 strides = 1, 1, 1, 1 padding = 'SAM...

5.9CVSS5.9AI score0.00562EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 9:37 a.m.3 views

PYSEC-2026-974 TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation

Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...

5.9CVSS6.9AI score0.00441EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 9:37 a.m.10 views

PYSEC-2026-1024 TensorFlow vulnerable to `CHECK` fail in `tf.sparse.cross`

Impact If tf.sparse.cross receives an input separator that is not a scalar, it gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf tf.sparse.crossinputs=,name='a',separator=tf.constant'a', 'b',dtype=tf.string Patches We have patched the issue ...

5.9CVSS5.9AI score0.00405EPSS
Exploits0References7
NVD
NVD
added 2026/06/26 7:16 a.m.9 views

CVE-2026-8380

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...

6.5CVSS0.00342EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-15611

The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the addoreditpopupbox function before saving popup data, allowing unauthenticated attackers to perform Cross-Site Request Forgery attacks. When an authenticated admin visits a malicious page, the attacker can create ...

5.4CVSS5.6AI score0.00136EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4109

The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...

4.3CVSS5.6AI score0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 8:49 a.m.42 views

CVE-2026-4881

In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...

6CVSS0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.16 views

CVE-2026-20455

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References1
Rows per page
Query Builder