PT-2021-21085 · Orca Hcm · Orca Hcm

Name of the Vulnerable Software and Affected Versions: Orca HCM digital learning platform affected versions not specified Description: The issue concerns the use of a weak factory default administrator password in the Orca HCM digital learning platform. This password is hard-coded in the source...

LearningDigital Orca HCM digital learning platform 代码问题漏洞

LearningDigital Orca HCM digital learning platform is a digital learning platform from China's LearningDigital. The Orca HCM digital learning platform suffers from a code issue vulnerability that stems from specific parameters of the platform's upload function that do not filter file formats,...

Security Bulletin: Netty Vulnerability Affects IBM Watson Machine Learning on CP4D ( CVE-2021-21290)

Summary Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-21290 DESCRIPTION: Netty could allow a local authenticated attacker to obtain...

Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work

Organizations are increasingly using the cloud to reimagine every facet of their business. Hybrid work has accelerated this digital transformation, and customers are challenged with the increasing sophistication and frequency of cyberattacks. Today, Microsoft is announcing that we have entered in...

[SECURITY] Fedora 34 Update: perl-Mojolicious-8.73-2.fc34

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

Coursera Flunks API Test in Researchers’ Security Exam

Researchers have discovered multiple application programming interface API issues in Coursera, the online learning platform used by 82 million learners and hundreds of Fortune 500 companies. On Thursday, the Checkmarx Security Research Team published a report on its findings, which included user...

Google TensorFlow Numeric Error Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4 suffers from a number error vulnerability that can be exploited by an attacker to trigger undefined behavior via a null pointer bound to...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-48863)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which can be exploited by an attacker to cause a denial of service by controlling the value of the num segments...

Google TensorFlow code issue vulnerability (CNVD-2021-48860)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A code issue vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which stems from tf.rawops.SdcaOptimizer triggering undefined behavior due to dereferencing a null pointer. No...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-48857)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which stems from the absence of loops between nodes of a TFlite graph. No detailed vulnerability details are...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-48856)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow versions 2.4.2, 2.3.3, 2.2.3, and 2.1.4, which stems from a lack of validation in tf.rawops.RaggedTensorToTensor, and can be exploited by an...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-48855)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow versions 2.4.2, 2.3.3, 2.2.3, and 2.1.4, which stems from tf.rawops.QuantizeAndDequantizeV2 allows invalid values for the axis parameter:. No...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-48866)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which can be exploited by an attacker to cause a denial of service via a failure from the implementation of CHECK...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2021-48858)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4 suffers from an input validation error vulnerability that can be exploited by an attacker to cause a denial of service...

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2021-48861)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A buffer overflow vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which can be exploited by an attacker to cause a read to exceed the bounds of the heap allocation data...

Preparing for your migration from on-premises SIEM to Azure Sentinel

The pandemic of 2020 has reshaped how we engage in work, education, healthcare, and more, accelerating the widespread adoption of cloud and remote-access solutions. In today’s workplace, the security perimeter extends to the home, airports, the gym—wherever you are. To keep pace, organizations...

Preparing for your migration from on-premises SIEM to Azure Sentinel

The pandemic of 2020 has reshaped how we engage in work, education, healthcare, and more, accelerating the widespread adoption of cloud and remote-access solutions. In today’s workplace, the security perimeter extends to the home, airports, the gym—wherever you are. To keep pace, organizations...

CoolCollege has an information breach

CoolCollege is a course service platform tailored for various companies. The software enhances learning efficiency and more through 36 scenarios such as course creation, assignment tracking, data analysis, and job certification. An information disclosure vulnerability exists in CoolCollege, which...

Online learning provider New Skills Academy alerts users of data breach

By Waqas According to the data breach notification email sent by New Skills Academy, the number of victims impacted by the breach is yet unknown. This is a post from HackRead.com Read the original post: Online learning provider New Skills Academy alerts users of data breach...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-46659)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in TensorFlow 2.4.2,2.3.3,2.2.3,2.1.4, which stems from the fact that tf.rawops.SparseCountSparseOutput causes a segmentation error to be thrown from the standard...