525 matches found

Tenable Nessus
added 2022/06/17 12:0 a.m. | 55 views

EulerOS 2.0 SP5 : numpy (EulerOS-SA-2022-1906)

According to the versions of the numpy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArray_DescrNew function due to missing return-valu...

CVSS 5.3 | AI score 7.2 | EPSS 0.00107
Exploits: 1 | References: 2
Tenable Nessus
added 2022/06/11 12:0 a.m. | 19 views

FreeBSD : py-numpy -- Missing return-value validation of the function PyArray_DescrNew (b51cfaea-e919-11ec-9fba-080027240888)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b51cfaea-e919-11ec-9fba-080027240888 advisory. - DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the...

CVSS 5.3 | AI score 7.2 | EPSS 0.00107
Exploits: 1 | References: 3
Tenable Nessus
added 2022/05/26 12:0 a.m. | 39 views

EulerOS 2.0 SP3 : numpy (EulerOS-SA-2022-1749)

According to the versions of the numpy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct a Denial of Service...

CVSS 5.5 | AI score 7.3 | EPSS 0.00037
Exploits: 1 | References: 2
OpenVAS
added 2022/05/25 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for numpy (EulerOS-SA-2022-1749)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 6 | EPSS 0.00037
Exploits: 1 | References: 2
Github Security Blog
added 2022/05/24 10:0 p.m. | 52 views

Numpy Deserialization of Untrusted Data

DISPUTED An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior...

CVSS 9.8 | AI score 7.7 | EPSS 0.71492
Exploits: 2 | References: 14 | Affected Software: 1
OSV
added 2022/05/24 10:0 p.m. | 0 views

GHSA-9FQ2-X9R6-WFMF Numpy Deserialization of Untrusted Data

DISPUTED An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior...

CVSS 9.8 | AI score 7.6 | EPSS 0.71492
Exploits: 2 | References: 14
vulnersOsv
added 2022/05/24 10:0 p.m. | 2 views

abcpy (>=0.5.0 <=0.5.2), abtests (>=0.0.1 <=0.0.2.1) +583 more potentially affected by CVE-2019-6446 via numpy (>=1.10.0 <=1.16.0)

numpy PYPI version =1.10.0, =0.5.0, =0.0.1, =0.0.1, =0.1.0, =0.6.0, =2.0.0, =0.0.2, =0.1.0, =0.0.13, =1.1.0rc6, =2.0.0, =2.1.1 and more Source cves: CVE-2019-6446 Source advisory: OSV:GHSA-9FQ2-X9R6-WFMF...

CVSS 9.8 | AI score 7.1 | EPSS 0.71492
Exploits: 2
Prion
added 2022/05/21 12:15 a.m. | 14 views

Code injection

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's saved_model_cli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

CVSS 4.6 | AI score 8 | EPSS 0.00124
Exploits: 1 | References: 8 | Affected Software: 1
Debian CVE
added 2022/05/20 11:35 p.m. | 2 views

CVE-2022-29216

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's saved_model_cli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

CVSS 7.8 | AI score 7.3 | EPSS 0.00124
Exploits: 1
Rockylinux
added 2022/05/17 8:34 a.m. | 17 views

new packages: inkscape-flatpak module

An update is available for libsigc++20, gc, poppler, inkscape, poppler-data, python-scour, libwpd, librevenge, libwpg, pangomm, python-lxml, potrace, gtkmm30, double-conversion, gtkspell3, python-appdirs, numpy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base...

AI score 1.9
Exploits: 0
Rockylinux
added 2022/05/17 6:21 a.m. | 9 views

new packages: numpy

An update is available for numpy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 9.0...

AI score 1.9
Exploits: 0
OPENSUSE Linux
added 2022/05/17 12:0 a.m. | 66 views

Security update for python-numpy (important)

openSUSE Security Update: Security update for python-numpy Announcement ID: openSUSE-SU-2022:0134-1 Rating: important References: 1190345 1193907 1193913 Cross-References: CVE-2021-21897 CVE-2021-33430 CVE-2021-41496 CVSS scores: CVE-2021-21897 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A...

CVSS 8.8 | AI score 7.9 | EPSS 0.02758
Exploits: 3 | References: 3
OSV
added 2022/05/14 3:48 a.m. | 20 views

GHSA-CW6W-4RCX-XPHC Arbitrary file write in NumPy

__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file...

CVSS 7.1 | AI score 5.4 | EPSS 0.00041
Exploits: 0 | References: 14
Github Security Blog
added 2022/05/14 3:48 a.m. | 23 views

Arbitrary file write in NumPy

__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file...

CVSS 5.5 | AI score 5.4 | EPSS 0.00041
Exploits: 0 | References: 13 | Affected Software: 1
Github Security Blog
added 2022/05/14 1:8 a.m. | 30 views

Numpy arbitrary file write via symlink attack

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file...

CVSS 5.5 | AI score 5.4 | EPSS 0.00048
Exploits: 0 | References: 13 | Affected Software: 1
OSV
added 2022/05/14 1:8 a.m. | 23 views

GHSA-2FC2-6R4J-P65H Numpy arbitrary file write via symlink attack

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file...

CVSS 7.1 | AI score 5.5 | EPSS 0.00048
Exploits: 0 | References: 14
OSV
added 2022/05/13 1:42 a.m. | 22 views

GHSA-FRGW-FGH6-9G52 Numpy missing input validation

The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack...

CVSS 7.5 | AI score 7.3 | EPSS 0.00808
Exploits: 1 | References: 7
vulnersOsv
added 2022/05/13 1:42 a.m. | 3 views

abtests (>=0.0.1 <=0.0.2.1), adjsim (>=2.0.0 <=2.1.0) +108 more potentially affected by CVE-2017-12852 via numpy (>=1.10.0 <=1.13.1)

numpy PYPI version =1.10.0, =0.0.1, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =0.7.0, =1.0.2 - cami-opal =0.2.5 and more Source cves: CVE-2017-12852 Source advisory: OSV:GHSA-FRGW-FGH6-9G52...

CVSS 7.5 | AI score 6.8 | EPSS 0.00808
Exploits: 1
Github Security Blog
added 2022/05/13 1:42 a.m. | 29 views

Numpy missing input validation

The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack...

CVSS 7.5 | AI score 7.1 | EPSS 0.00808
Exploits: 1 | References: 6 | Affected Software: 1
OpenVAS
added 2022/05/09 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for numpy (EulerOS-SA-2022-1662)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 5.4 | EPSS 0.00107
Exploits: 1 | References: 2