
813 matches found

CNNVD
added 2022/09/26 12:0 a.m. · 2 views

joblib security vulnerability

joblib is an open source set of tools that provides lightweight pipelining in Python. joblib versions prior to 1.2.0 have a security vulnerability: the pre_dispatch flag of its Parallel class allows an attacker to achieve arbitrary code execution through eval...

9.8 CVSS · 7.8 AI score · 0.00265 EPSS
Exploits: 1 · References: 13
UbuntuCve
added 2022/09/26 12:0 a.m. · 37 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel class due to the eval statement...

9.8 CVSS · 6.8 AI score · 0.00265 EPSS
Exploits: 1 · References: 5
Snyk
added 2022/09/19 12:4 p.m. · 1 views

Arbitrary Code Execution

Overview: joblib is a Lightweight pipelining with Python functions. Affected versions of this package are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel class due to the eval statement. PoC (py): def f(): return 1; p = Parallel(n_jobs=3, pre_dispatch="sys.exit(0)"); p(delayed(f)() for i ...

9.8 CVSS · 5.4 AI score · 0.00265 EPSS
Exploits: 1 · References: 3
OpenVAS
added 2022/09/13 12:0 a.m. · 35 views

Fedora: Security Advisory for rubygem-puma (FEDORA-2022-7c8b29195f)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

9.1 CVSS · 6.8 AI score · 0.00479 EPSS
Exploits: 0 · References: 2
Openbugbounty
added 2022/08/07 4:42 p.m. · 16 views

parallel-schallplatten.de Cross Site Scripting vulnerability OBB-2828617

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
Fedora
added 2022/07/31 1:37 a.m. · 11 views

[SECURITY] Fedora 36 Update: golang-starlark-0-0.8.20210113gite81fc95.fc36

Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...

7.1 AI score
Exploits: 0
Fedora
added 2022/07/30 1:55 a.m. · 15 views

[SECURITY] Fedora 36 Update: golang-github-apache-beam-2-2.33.0~RC1-8.fc36

Apache Beam is a unified model for defining both batch and streaming data-parallel processing pipelines, as well as a set of language-specific SDKs for constructing pipelines and Runners for executing them on distributed processing backends, including Apache Flink, Apache Spark, Google Cloud...

7.4 AI score
Exploits: 0
OpenVAS
added 2022/07/21 12:0 a.m. · 21 views

Fedora: Security Advisory for golang-starlark (FEDORA-2022-3e1ade35db)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.5 CVSS · 8.9 AI score · 0.00182 EPSS
Exploits: 3 · References: 2
Fedora
added 2022/07/20 1:40 a.m. · 30 views

[SECURITY] Fedora 35 Update: golang-starlark-0-0.7.20210113gite81fc95.fc35

Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...

9.3 CVSS · 8.1 AI score · 0.00963 EPSS
Exploits: 4
Fedora
added 2022/07/17 1:15 a.m. · 25 views

[SECURITY] Fedora 35 Update: golang-github-apache-beam-2-2.33.0~RC1-7.fc35

Apache Beam is a unified model for defining both batch and streaming data-parallel processing pipelines, as well as a set of language-specific SDKs for constructing pipelines and Runners for executing them on distributed processing backends, including Apache Flink, Apache Spark, Google Cloud...

9.3 CVSS · 8.4 AI score · 0.00963 EPSS
Exploits: 3
OpenVAS
added 2022/07/14 12:0 a.m. · 24 views

Fedora: Security Advisory for golang-starlark (FEDORA-2022-ba365d3703)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

9.3 CVSS · 8.9 AI score · 0.00963 EPSS
Exploits: 2 · References: 2
Fedora
added 2022/07/13 2:0 a.m. · 28 views

[SECURITY] Fedora 36 Update: golang-starlark-0-0.7.20210113gite81fc95.fc36

Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...

9.3 CVSS · 8.1 AI score · 0.00963 EPSS
Exploits: 4
Ubuntu
added 2022/05/12 12:3 a.m. · 101 views

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that a race condition existed in the network...

8.8 CVSS · 6.8 AI score · 0.00321 EPSS
Exploits: 1
OSV
added 2022/05/12 12:3 a.m. · 2 views

USN-5413-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that a race condition existed in the network...

8.8 CVSS · 6.8 AI score · 0.00321 EPSS
Exploits: 1 · References: 7
Mageia
added 2022/02/18 12:14 a.m. · 49 views

Updated mariadb packages fix security vulnerability

InnoDB - --skip-symbolic-links does not disallow .isl file creation MDEV-26870 - Indexed CHAR columns are broken with NOPAD collations MDEV-25440 - insert-intention lock conflicts with waiting ORDINARY lock MDEV-27025 - Crash recovery improvements MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610...

7.8 CVSS · 0.8 AI score · 0.0007 EPSS
Exploits: 6 · References: 3
OSV
added 2022/02/10 11:15 p.m. · 1 views

CVE-2021-42000

When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing user's password...

6.5 CVSS · 6.6 AI score · 0.00117 EPSS
Exploits: 0 · References: 2
NVD
added 2022/02/10 11:15 p.m. · 11 views

CVE-2021-42000

When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing user's password...

6.5 CVSS · 0.00117 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2022/02/10 12:0 a.m. · 1 views

PT-2022-11527 · Ping Identity · Pingfederate

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises when a password reset or password change flow with an authentication policy is configured, and the adapter in the reset or change polic...

6.5 CVSS · 6.6 AI score · 0.00117 EPSS
Exploits: 0 · References: 6
CNNVD
added 2022/02/10 12:0 a.m. · 1 views

Ping Identity PingFederate security vulnerability

Ping Identity PingFederate is a flagship software-based federation server in the United States. It is used for identity management. PingFederate has a security vulnerability that stems from a faulty password reset process in the software. When a password reset or password modification process wit...

6.5 CVSS · 6.5 AI score · 0.00117 EPSS
Exploits: 0 · References: 2
CNNVD
added 2022/02/09 12:0 a.m. · 1 views

Intel Trace Analyzer And Collector buffer error vulnerability

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze MPI behavior in parallel applications. Intel Trace Analyzer and Collector suffers from a buffer error vulnerability that stems from a potential security flaw in Intel Trace Analyzer and...

5.5 CVSS · 6.1 AI score · 0.0006 EPSS
Exploits: 0 · References: 4