Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2023/10/05 12:0 a.m.5 views

PT-2023-20532 · Unknown · Geokit-Rails

Name of the Vulnerable Software and Affected Versions: geokit-rails versions prior to 2.5.0 Description: The issue is related to Command Injection due to unsafe deserialization of YAML within the geo location cookie. This can be exploited remotely via a malicious cookie value, allowing an attacke...

9.8CVSS9.6AI score0.03241EPSS
Exploits1References14
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.5 views

BigBlueButton 跨站脚本漏洞

BigBlueButton is an open source Web conferencing system from the BigBlueButton community.A cross-site scripting vulnerability exists in versions prior to BigBlueButton 2.4.8 and prior to 2.5.0, which stems from users in private chat-enabled meetings being vulnerable to malicious JavaScript attack...

6.5CVSS5.2AI score0.00718EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.11 views

PT-2021-18331 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The implementation of tf.raw ops.FractionalMaxPoolGrad triggers an undefined behavior if one o...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.6 views

PT-2021-18287 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can cause a heap buffer overfl...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References13
Prion
Prion
added 2021/04/26 3:15 p.m.14 views

Design/Logic Flaw

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if...

4.3CVSS5.8AI score0.00369EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/09/03 12:0 a.m.3 views

PT-2019-18009 · Lenovo · Lenovo Xclarity Administrator

Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Administrator versions prior to 2.5.0 Description: A reflected cross-site scripting issue was reported that could allow a crafted URL to cause JavaScript code to be executed in the user's web browser. The JavaScript code is no...

6.1CVSS6.2AI score0.00823EPSS
Exploits0References2
Rows per page
Query Builder