Astra Linux - уязвимость в freerdp2

FreeRDP is a free remote desktop protocol library and client. Versions of FreeRDP affected by this issue lack input length validation in the “drive” channel. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and sending it back to the server. This issue has been...

CVE-2024-14015 Studiocart <= 2.9.0 - Reflected XSS

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2025-35972

Missing Authorization vulnerability in Themekraft BuddyForms buddyforms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BuddyForms: from n/a through = 2.9.0...

CVE-2025-54695

Missing Authorization vulnerability in DevItems HT Mega ht-mega-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HT Mega: from n/a through = 2.9.0...

Rancher 信息泄露漏洞

Rancher is an open source container management platform open-sourced by Rancher in the United States, built for organizations that deploy containers in production environments. An information disclosure vulnerability exists in Rancher versions 2.8.0 through prior to 2.8.10 and 2.9.0 through prior...

CVE-2025-21514

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

CVE-2025-21512

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

Oracle JD Edwards Products 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation USA. The products provide application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD...

SUSE-SU-2023:3778-1 Security update for wireshark

This update for wireshark fixes the following issues: - Wireshark update to v3.6.16. - CVE-2023-4512: Fixed a bug in CBOR dissector which could lead to crash. bsc1214561 - CVE-2023-4511: Fixed a bug in BT SDP dissector which could lead to an infinite loop. bsc1214560 - CVE-2023-4513: Fixed a bug ...

UBUNTU-CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

CVE-2022-2906

creationtimestamp| type| source ---|---|--- 2022-09-21 14:40:58+00:00| seen| https://t.me/cibsecurity/50191 2022-09-26 14:13:02+00:00| seen| https://t.me/truesecator/3465...

clip-jax (=0.0.5) potentially affected by CVE-2022-35984 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35984 Source advisory: OSV:GHSA-P2XF-8HGM-HPW5...

clip-jax (=0.0.5) potentially affected by CVE-2022-35964 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35964 Source advisory: OSV:GHSA-F7R5-Q7CX-H668...

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35987 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-FV49...

CVE-2022-24701

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2022-29028

A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The TiffLoader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker...

PT-2022-19453 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.raw ops.QuantizedConv2D does not fully validate the input...