Lucene search
K

941 matches found

Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.40 views

cockpit security, bug fix, and enhancement update

264.1-1.0.1 - Remove duplicate reference to server in cockpit Orabug: 33862832 - Update documentation links Orabug: 32795691 - Make documentation links point to Oracle Linux information Orabug: 30271413 Orabug: 32013095 - Fix rendering of hwinfo page on systems with some empty memory slots Orabug...

7.5CVSS5.8AI score0.01212EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/05 6:15 p.m.2 views

CVE-2022-28649

In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description...

5.4CVSS6.1AI score0.0038EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/31 12:0 a.m.92 views

Joomla! 2.5.x < 3.10.7 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.10.7 or 4.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities. - Extracting an specifilcy crafted tar package could write files outside of the intended path...

9.8CVSS7.2AI score0.02007EPSS
Exploits3References16
NVD
NVD
added 2022/03/30 4:15 p.m.12 views

CVE-2022-23801

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...

6.1CVSS0.00565EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 4:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...

4.3CVSS5.9AI score0.00565EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/30 3:20 p.m.126 views

CVE-2022-23801

Joomla! 4.0.0–4.1.0 is affected by a cross-site scripting (XSS) vulnerability via an SVG embedding path in com_media. Root cause: improper handling/cleanup of SVG content leading to executable HTML/script in the user’s browser. Public references describe a possible XSS attack vector through SVGs,...

6.1CVSS6.2AI score0.00565EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/30 12:0 a.m.4 views

PT-2022-16273 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla, allowing a possible XSS attack vector through SVG embedding in com media. Recommendations: For Joomla! versions 4.0.0 through 4.1.0, consider disabling the S...

6.1CVSS6AI score0.00565EPSS
Exploits0References7
OSV
OSV
added 2022/03/10 5:42 p.m.1 views

UBUNTU-CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

4.3CVSS7.2AI score0.01212EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/03 12:0 a.m.15 views

Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability

A vulnerability exists in Windows Object Linking & Embedding OLE that could allow remote code execution if a user opens a file that contains a specially crafted OLE object...

9.3CVSS7.1AI score0.81628EPSS
In wildExploits22
Github Security Blog
Github Security Blog
added 2022/02/09 11:52 p.m.36 views

Integer overflow in TFLite

Impact An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations: cc int embeddingsize = 1; int lookupsize = 1; for int i = 0; i data.i32i; lookupsize = dim; outputshape-datak = dim; for int i = 1; i datak = dim; Both embeddingsize and lookupsize are...

8.8CVSS1.1AI score0.01173EPSS
Exploits1References9Affected Software3
OSV
OSV
added 2022/02/09 11:52 p.m.2 views

GHSA-98P5-X8X4-C9M5 Integer overflow in TFLite

Impact An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations: cc int embeddingsize = 1; int lookupsize = 1; for int i = 0; i data.i32i; lookupsize = dim; outputshape-datak = dim; for int i = 1; i datak = dim; Both embeddingsize and lookupsize are...

8.8CVSS7.1AI score0.01173EPSS
Exploits1References9
CNVD
CNVD
added 2022/02/09 12:0 a.m.23 views

Google Tensorflow Input Validation Error Vulnerability (CNVD-2022-09880)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to an input validation error that could be exploited by an attacker to build a TFLite model that leads to an integer overflow in the embedding lookup operation...

8.8CVSS3AI score0.01173EPSS
Exploits1References1
PyPA
PyPA
added 2022/02/04 11:15 p.m.5 views

PYSEC-2022-123

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS7.1AI score0.01173EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/02/04 11:15 p.m.2 views

PYSEC-2022-123

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS7.2AI score0.01173EPSS
Exploits1References5
OSV
OSV
added 2022/02/04 11:15 p.m.21 views

PYSEC-2022-68

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS3.3AI score0.01173EPSS
Exploits1References5
Prion
Prion
added 2022/02/04 11:15 p.m.21 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

6.5CVSS8.7AI score0.01173EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.7 views

PYSEC-2022-68

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS7.1AI score0.01173EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.34 views

CVE-2022-23559 Integer overflow in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS9AI score0.01173EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.5 views

CVE-2022-23559 Integer overflow in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS8.8AI score0.01173EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.5 views

CVE-2022-23559

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS7.2AI score0.01173EPSS
Exploits1
Rows per page
Query Builder