CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...

GLSA-202211-05 : Mozilla Thunderbird: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202211-05 Mozilla Thunderbird: Multiple Vulnerabilities - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests migh...

マイクロソフト 機械学習 メンバーシップ推論コンペティション (MICO) の発表

本ブログは、Announcing the Microsoft Machine Learning Membership Inference Competition MICOの抄訳版です。最新の情報は原文を参照してく...

Announcing the Microsoft Machine Learning Membership Inference Competition (MICO)

We’re excited to announce the launch of a new competition focusing on the security and privacy of machine learning ML systems. Machine learning has already become a key enabler in many products and services, and this trend is likely to continue. It is therefore critical to understand the security...

Zulip 信息泄露漏洞

Zulip is a powerful open source group chat application from Zulip, Inc. for combining the immediacy of real-time chat with the productivity benefits of threaded conversations. An information disclosure vulnerability exists in Zulip versions 5.0 through 5.6, which stems from its use of a comparato...

CVE-2022-36048

CVE-2022-36048 concerns Zulip Server prior to 5.6, where an attacker who can send messages can craft image-URLs to bypass the go-camo image proxy and cause the viewer’s IP address and browser fingerprinting information to be inferred via embedded remote images. The vulnerability affects Zulip Ser...

CVE-2022-31177 Possible to infer sensitive information through query strings in Flask-AppBuilder

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

Citrix Hypervisor Security Bulletin for CVE-2022-23825 and CVE-2022-29900

AMD has disclosed an issue that affects AMD CPU hardware and may allow code inside a guest VM to infer the contents of RAM memory elsewhere on the host. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include product changes to mitigate thi...

CVE-2021-33647

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...

CVE-2021-33648

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

CVE-2021-33647

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

Heap overflow

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

Out-of-bounds

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

Heap overflow

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...

Heap overflow

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...