animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41880 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

CVE-2022-37774

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document pdf, email from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL https://url/tmp/M...

CVE-2022-37774

CVE-2022-37774 affects Maarch RM 2.8.3. A broken access-control flaw allows unauthenticated access to previews of certain documents (PDFs/emails) via a generated URL containing the MD5 hash, e.g. https://{url}/tmp/{MD5}. This URL can disclose the document without authentication, constituting a co...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41910 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41910 Source advisory: OSV:GHSA-FRQP-WP83-QGGV...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4903 more potentially affected by CVE-2022-41910 via tensorflow (>=1.0.1 <=2.8.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41910 Source advisory: OSV:GHSA-FRQP-WP83-QGGV...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41908 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41908 Source advisory: OSV:GHSA-MV77-9G28-CWG3...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4903 more potentially affected by CVE-2022-41899 via tensorflow (>=1.0.1 <=2.8.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41899 Source advisory: OSV:GHSA-27RC-728F-X5W2...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41899 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41899 Source advisory: OSV:GHSA-27RC-728F-X5W2...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41886 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41886 Source advisory: OSV:GHSA-54PP-C6PP-7FPX...

CVE-2022-27858 WordPress Activity Log plugin <= 2.8.3 - CSV Injection vulnerability

CSV Injection vulnerability in Activity Log Team Activity Log = 2.8.3 on WordPress...

WordPress plugin Activity Log 注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2022-28811

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands...

CVE-2022-28813

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device...

CVE-2022-28816

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...

CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...

Carlo Gavazzi UWP SQL注入漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A SQL injection vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploite...

Carlo Gavazzi UWP 跨站脚本漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A cross-site scripting vulnerability exists in Carlo Gavazzi UWP 3.0, which can be...

Carlo Gavazzi UWP SQL注入漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. A SQL injection vulnerability exists in Carlo Gavazzi UWP 3.0, which originates from a Sentilo...

Carlo Gavazzi UWP 操作系统命令注入漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. An operating system command injection vulnerability exists in Carlo Gavazzi UWP 3.0, which can ...

CVE-2022-28813 SQL-injection in Car Park Server 3.0 allows for full database access.

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device...