HP Integrated Lights-Out Denial of Service (CVE-2015-5436)

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 iLO 4 firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service DoS. Note this was originally published in 2015 however the CVE ent...

PT-2024-19247 · Jenkins · Jenkins Docker-Build-Step Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins docker-build-step Plugin versions 2.11 and earlier Description: A missing permission check in an HTTP endpoint allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigur...

PT-2024-19700 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1 a-blog cms versions 2.9.0 and earlier a-blog cms versions 2.10.x through 2.10.49 a-blog cms versions 2.11.x through 2.11.57 a-blog cms versions 3.0.x through 3.0.28 a-blog cms versions 3.1.x through 3.1.6...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. An input validation error vulnerability exists in Google TensorFlow version 2.12 prior to version 2.12.0 and version 2.11 prior to version 2.11.1, which stems from...

AZL-11527 CVE-2022-41888 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included i...

CVE-2022-41908 `CHECK` fail via inputs in `PyFunc` in Tensorflow

TensorFlow is an open source platform for machine learning. An input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc. We have patched the issue in GitHub commit 9f03a9d3bafe902c1e6beb105b2f24172f238645. The fix will be included in TensorFlow 2.11. We will also...

CVE-2021-32681

Wagtail is an open source content management system built on Django. A cross-site scripting vulnerability exists in versions 2.13-2.13.1, versions 2.12-2.12.4, and versions prior to 2.11.8. When the % includeblock % template tag is used to output the value of a plain-text StreamField block...

PYSEC-2021-103

Wagtail is an open source content management system built on Django. A cross-site scripting vulnerability exists in versions 2.13-2.13.1, versions 2.12-2.12.4, and versions prior to 2.11.8. When the % includeblock % template tag is used to output the value of a plain-text StreamField block...

PT-2015-6911 · Hewlett Packard · Ilo 4 +1

Name of the Vulnerable Software and Affected Versions: HP Integrated Lights-Out 4 iLO 4 versions 2.11 through 2.30 Description: A potential security issue has been identified that could be exploited remotely, resulting in Denial of Service DoS. The issue was originally published in 2015...