Mozilla: URL leakage when navigating while executing asynchronous function

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

Mozilla: URL leakage when navigating while executing asynchronous function

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

CVE-2021-43536

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

UBUNTU-CVE-2021-43536

Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Security Vulnerabilities fixed in Firefox ESR 91.4.0 — Mozilla

Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. By misusing a race in our...

Crawpy - Yet Another Content Discovery Tool

Yet another content discovery tool written in python. What makes this tool different than others: It is written to work asynchronously which allows reaching to maximum limits. So it is very fast. Calibration mode, applies filters on its own Has bunch of flags that helps you fuzz in detail Recursi...

Low: Red Hat Security Advisory: Red Hat AMQ Broker 7.9.1 release and security update

Red Hat AMQ Broker 7.9.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

PT-2021-16313 · WordPress · Stylish Cost Calculator

Name of the Vulnerable Software and Affected Versions: Stylish Cost Calculator WordPress plugin versions prior to 7.0.4 Description: The issue is related to the lack of authorization and CSRF checks on some AJAX actions in the plugin, which are available to authenticated users. This could allow a...

The vulnerability of the asynchronous components of the “ASSaD-Video” surveillance system, related to uncontrolled resource consumption, allows a intruder to cause a service failure.

The vulnerability of the asynchronous components of the “ASSaD-Video” surveillance system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

WordPress 插件 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. cross-site request forgery vulnerability exists in...

Dell PowerScale OneFS Denial of Service Vulnerability

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS that stems from Dell PowerScale OneFS containing asynchronous access to shared data in the context of multi-threaded SMB CA processing. An...

Dell Technologies Dell PowerScale OneFS 安全漏洞

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS that stems from Dell PowerScale OneFS containing asynchronous access to shared data in the context of multi-threaded SMB CA processing. An...

GHSA-GPFH-JVF9-7WG5 Use after free / memory leak in `CollectiveReduceV2`

Impact The async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free: python import tensorflow as tf tf.rawops.CollectiveReduceV2 input=, groupsize=-10, -10, -10, groupkey=-10, -10, instancekey=-10, orderingtoken=, mergeop='Mul', finalop='Div' This occurs due to t...

Google TensorFlow Resource Management Error Vulnerability (CNVD-2021-92552)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A resource management error vulnerability exists in Google TensorFlow due to a memory leak and post-release usage issue in the asynchronous implementation of CollectiveReduceV2. This occurs due to...

CVE-2021-24801

The WP Survey Plus WordPress plugin through 1.0 does not have any authorisation and CSRF checks in place in its AJAX actions, allowing any user to call them and add/edit/delete Surveys. Furthermore, due to the lack of sanitization in the Surveys' Title, this could also lead to Stored Cross-Site...

Wordpress plugin WP Survey Plus 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. access control error vulnerability in Wordpress...

PYSEC-2021-629

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

PYSEC-2021-629

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

PYSEC-2021-827

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

CVE-2021-41220 Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...