jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2022-09854)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a security vulnerability that can be exploited by an attacker to cause a runtime abort process...

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

openSUSE 15 Security Update : xen (openSUSE-SU-2021:1236-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1236-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...

SUSE SLES12 Security Update : xen (SUSE-SU-2021:2957-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2957-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosu...

openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...

SUSE SLES15 Security Update : xen (SUSE-SU-2021:2943-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2943-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosu...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:2922-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2922-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure...

SUSE SLES12 Security Update : xen (SUSE-SU-2021:2955-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2955-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosu...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2021:2924-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2924-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:2923-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure...

Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not properly check for recursion while deserializing aliases. This allows an attacker to make a YAML file with an alias referring to itself causing an abort. The flaw was corrected by checking the recursion depth...

GHSA-2GRH-HM3W-W7HV Race condition in tokio

When aborting a task with JoinHandle::abort, the future is dropped in the thread calling abort if the task is not currently being executed. This is incorrect for tasks spawned on a LocalSet. This can easily result in race conditions as many projects use Rc or RefCell in their Tokio tasks for bett...

GHSA-7J44-FV4X-79G9 Improper Input Validation in once_cell

If during the first dereference of Lazy the initialization function panics, subsequent dereferences will execute std::hints::unreachableunchecked. Applications with panic = "abort" are not affected, as there will be no subsequent dereferences...

Improper Input Validation in once_cell

If during the first dereference of Lazy the initialization function panics, subsequent dereferences will execute std::hints::unreachableunchecked. Applications with panic = "abort" are not affected, as there will be no subsequent dereferences...

GHSA-27J5-4P9V-PP67 `std::abort` raised from `TensorListReserve`

Impact Providing a negative element to numelements list argument of tf.rawops.TensorListReserve causes the runtime to abort the process due to reallocating a std::vector to have a negative number of elements: python import tensorflow as tf tf.rawops.TensorListReserve elementshape = tf.constant1,...

`std::abort` raised from `TensorListReserve`

Impact Providing a negative element to numelements list argument of tf.rawops.TensorListReserve causes the runtime to abort the process due to reallocating a std::vector to have a negative number of elements: python import tensorflow as tf tf.rawops.TensorListReserve elementshape = tf.constant1,...

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.

...

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

CVE-2021-37644

TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to numelements list argument of tf.rawops.TensorListReserve causes the runtime to abort the process due to reallocating a std::vector to have a negative number of elements. The...