860 matches found
This Week in Spring - January 31st, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm not going to spend too much time here in the preamble because a today's both my birthday and my late father's birthday and b I got the worst gift ever: COVID-19. Sigh. So, I'm going back to bed. Without further ado, let's...
Exploit for Cross-Site Request Forgery (CSRF) in Filebrowser
CVE-2021-46398 - Lalie ARNOUD, Gaspard ANDRIEU In this reposi...
Avoiding <img> layout shifts: aspect-ratio vs width & height attributes
By default, an takes up zero space until the browser loads enough of the image to know its dimensions: &origin=source&to=/c/senna-d1c8a036.jpg When you run the demo, you'll see the immediately. Then, after a few seconds, this paragraph and subsequent page content shifts downwards to make room for...
Avoiding <img /> layout shifts: aspect-ratio vs width & height attributes
By default, an takes up zero space until the browser loads enough of the image to know its dimensions: &origin=source&to=/c/senna-d1c8a036.jpg When you run the demo, you'll see the immediately. Then, after a few seconds, this paragraph and subsequent page content shifts downwards to make room for...
Akamai Is a Leader in Forrester New Wave: Microsegmentation
We are excited to be named a Leader in The Forrester New Wave™: Microsegmentation, Q1 2022. We were evaluated alongside eight other vendors in the microsegmentation space and ranked in 10 criteria, including product vision, interface and reporting, host agents, agentless aspect, product, and...
American Auto-Matrix Front-End Solutions Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix’s Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41200 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41200 Source advisory: OSV:GHSA-GH8H-7J2J-QV4F...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41221 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41221 Source advisory: OSV:PYSEC-2021-413...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41209 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41209 Source advisory: OSV:PYSEC-2021-401...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41197 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41197 Source advisory: OSV:PYSEC-2021-390...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37637 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37668 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29612 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29612 Source advisory: OSV:GHSA-2XGJ-XHGF-GGJV...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29599 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29599 Source advisory: OSV:GHSA-97WF-P777-86JQ...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29592 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29592 Source advisory: OSV:GHSA-JJR8-M8G8-P6WV...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29543 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29543 Source advisory: OSV:GHSA-FPHQ-GW9M-GHRV...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29582 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29582 Source advisory: OSV:PYSEC-2021-219...
The vulnerability of the spring-aop component of the Jackson-databind library in the FasterXML project allows a hacker to execute arbitrary code.
The vulnerability of the spring-aop component of the Jackson-databind library in the FasterXML project is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code on the target system...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15214 via tensorflow (=2.2.0)
tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15214 Source advisory...
aspect-property.com Cross Site Scripting vulnerability OBB-1209719
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...