
1255 matches found

Prion
added 2021/07/16 9:15 p.m., 14 views

Design/Logic Flaw

A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage...

4.4 CVSS, 6.4 AI score, 0.00047 EPSS
Exploits 0, References 1, Affected Software 2
CVE
added 2021/07/16 8:30 p.m., 84 views

CVE-2021-3614

CVE-2021-3614 concerns Lenovo notebook BIOS: Condition: attacker with physical access can elevate privileges during a BIOS update performed via Lenovo Vantage on some Lenovo notebooks. Root cause hint in connected CNNVD entry suggests lack of authentication measures in the BIOS update process. Im...

6.8 CVSS, 6.3 AI score, 0.00047 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2021/07/16 8:30 p.m., 14 views

CVE-2021-3614

A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage...

6.4 CVSS, 6.6 AI score, 0.00047 EPSS
Exploits 0, References 1
OSV
added 2021/06/21 10:15 p.m., 10 views

CVE-2021-32698

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0...

4.9 CVSS, 6.7 AI score
Exploits 0, References 2
NVD
added 2021/06/21 10:15 p.m., 8 views

CVE-2021-32698

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0...

6.8 CVSS, 0.00324 EPSS
Exploits 0, References 2
Prion
added 2021/06/21 10:15 p.m., 7 views

Cross site request forgery (csrf)

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0...

4 CVSS, 5.1 AI score, 0.00324 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2021/06/21 9:15 p.m., 16 views

CVE-2021-32698 Blind Server-Side Request Forgery (SSRF) in eLabFTW

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0...

6.8 CVSS, 6.8 AI score, 0.00324 EPSS
Exploits 0, References 2
CVE
added 2021/06/21 9:15 p.m., 62 views

CVE-2021-32698

CVE-2021-32698 affects the eLabFTW open source electronic lab notebook. The issue is a blind server-side request forgery (SSRF) that lets an attacker cause the server to issue GET requests on behalf of the server, without the attacker seeing the response. The vulnerability is mitigated by a patch...

6.8 CVSS, 5.2 AI score, 0.00324 EPSS
Exploits 0, References 2, Affected Software 1
OpenVAS
added 2021/06/09 12:0 a.m., 30 views

SUSE: Security Advisory (SUSE-SU-2020:2102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2 CVSS, 7.5 AI score, 0.20195 EPSS
Exploits 3, References 2
NVD
added 2021/06/08 8:15 p.m., 15 views

CVE-2021-22220

An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of notebooks...

6.1 CVSS, 0.0009 EPSS
Exploits 0, References 3
Debian CVE
added 2021/06/08 7:5 p.m., 23 views

CVE-2021-22220

Removed by vendor...

6.1 CVSS, 6.1 AI score, 0.0009 EPSS
Exploits 0
OpenVAS
added 2021/04/16 12:0 a.m., 15 views

openSUSE: Security Advisory for python-notebook (openSUSE-SU-2021:0024-1)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1 CVSS, 6.5 AI score, 0.00772 EPSS
Exploits 0, References 2
OSV
added 2021/03/15 10:41 p.m., 0 views

USN-4855-1 ipython vulnerability

It was discovered that IPython did not properly sanitize certain input. If a user were tricked into opening a specially crafted notebook file, a remote attacker could possibly use this issue to execute arbitrary code...

7.8 CVSS, 7.3 AI score, 0.0011 EPSS
Exploits 0, References 2
BDU FSTEC
added 2021/03/09 12:0 a.m., 2 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that an exception can occur when data is written beyond the buffer in memory. This allows a malicious actor to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

7.8 CVSS, 0.01324 EPSS
Exploits 0, References 5, Affected Software 1
BDU FSTEC
added 2021/03/09 12:0 a.m., 1 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that when an operation is performed outside the buffer in memory, it allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

7.8 CVSS, 0.0007 EPSS
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2021/03/09 12:0 a.m., 3 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook involves an operation that goes beyond the buffer limits in memory. This allows a malicious actor to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with t...

7.8 CVSS, 0.01324 EPSS
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2021/03/09 12:0 a.m., 1 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that when an operation is performed outside the buffer in memory, it allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

7.8 CVSS, 0.01324 EPSS
Exploits 0, References 4, Affected Software 1
CVE
added 2021/03/03 5:50 a.m., 74 views

CVE-2021-2138

The CVE-2021-2138 entry concerns Oracle Cloud Infrastructure Data Science Notebook Sessions. Affected component: Data Science Notebook Sessions (Oracle Cloud). Root cause: vulnerability enables a low-privileged attacker with access to the physical communication segment attached to the hardware ho...

4.6 CVSS, 3.5 AI score, 0.00062 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2021/03/03 5:50 a.m., 14 views

CVE-2021-2138

Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Cloud Infrastructure Data Science Notebook Sessions executes...

4.6 CVSS, 3.8 AI score, 0.00062 EPSS
Exploits 0, References 1
CNNVD
added 2021/03/03 12:0 a.m., 2 views

Oracle Cloud Infrastructure Data Science Notebook Security Vulnerability

Oracle Cloud Infrastructure Data Science Notebook is an application from Oracle Corporation USA. The machine learning library in the JupyterLab interface is provided to write and execute Python code to build and train models. A security vulnerability exists in Oracle Cloud Infrastructure Data...

4.6 CVSS, 5.2 AI score, 0.00062 EPSS
Exploits 0, References 1