CLSA-2023-1693986539 python3: Fix of 2 CVEs

CVE-2022-48565: Reject XML entity declarations in plist files - CVE-2022-48566: Remove possible time-affected optimization...

PSF-2023-6 hmac.compare_digest() accumulator not constant-time

An issue was discovered in comparedigest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.comparedigest...

Can you enable HDX 3D Pro on Server VDA?

Need to enable HDX 3D Pro on Server VDA. Policy setting for 'Optimise for 3D Graphics Workload' is enabled - VeryHighDef Policy Template applied. -https://docs.citrix.com/en-us/citrix-daas/policies/policies-templates.html HDX Graphic Status Indicator on Published Desktops States 'HDX 3D Pro:...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2022-21282, CVE-2022-21296, CVE-2022-21299)

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Version 8 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An unspecified...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

Buffer overflow

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27506

CVE-2023-27506 affects Intel® Optimization for TensorFlow prior to 2.12. The issue arises from improper buffer restrictions, enabling a locally authenticated attacker to potentially escalate privileges on the system. Intel and multiple advisories reference the same vulnerability, with the primary...

PT-2023-21178 · Intel · Intel Optimization For Tensorflow

Name of the Vulnerable Software and Affected Versions: IntelR Optimization for Tensorflow versions prior to 2.12 Description: The issue is related to improper buffer restrictions, which may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations...

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power CVE-2023-20583, Downfall CVE-2022-40982, and Inception CVE-2023-20569, the novel methods follow the disclosure of another newly...

e107 Cross-Site Scripting Vulnerability

e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a wide range of plug-ins and look-alike themes, and can be used as a personal blog, discussion community, archive repository, and so on. A cross-site scripting vulnerability...

How to Leverage the AWS Cost Optimization Pillar

Explore the Cost Optimization pillar of the AWS Well-Architected Framework and gain best practices for designing processes that make it possible to go to market and optimize costs early on...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Decision Optimization for IBM Cloud Private for Data (ICP4Data)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Decision Optimization for ICP4Data. IBM Decision Optimization for ICP4Data has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

kernel security and bug fix update

5.14.0-284.18.12 - cifs: fix wrong unlock before return from cifstreeconnect - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and events -...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-2424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Image Optimization 3.8.2 Open Redirection

==================================================================================================================================== | Title : WordPress Image Optimization 3.8.2 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

WordPress WooCommerce Visitor Recording and Conversion Rate Optimization plugin - HumCommerce Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Visitor Recording and Conversion Rate Optimization plugin - HumCommerce Type Plugin Vulnerable versions = 3.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Robots.txt optimization Plugin < 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Robots.txt optimization Type Plugin Vulnerable versions 1.4.7 Fixed in 1.4.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e354a0c1d52e Credits Rafie Muhammad Patchstack...

WordPress ImagePilot - Save Money, Disk Space, and Bandwidth with Image Optimization Plugin < 0.1.2 is vulnerable to Cross Site Scripting (XSS)

Software ImagePilot - Save Money, Disk Space, and Bandwidth with Image Optimization Type Plugin Vulnerable versions 0.1.2 Fixed in 0.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...