CVE-2021-41208

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

Impact of Azure AD Graph Deprecation on Veeam Backup for Microsoft Azure

Challenge Data protection of Azure services may fail using any version of Veeam Backup for Microsoft Azure below v6 build number 6.0.0.234. Cause Starting February 1, 2025, Microsoft has retired Azure AD Graph. As a result, any application relying on Azure AD Graph will be unable to make requests...

BIT-TENSORFLOW-2021-41208 Incomplete validation in boosted trees code

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

Multiple issues involving quote API in shlex

Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...

Use of deprecated Chainlink's latestAnswer API

Handle UncleGrandpa925 Vulnerability details Issue In EIP1271Wallet.sol, the function validateOrder uses the deprecated latestAnswer of Chainlink. This function might suddenly stop working if Chainlink stopped supporting it, and also will not error if no answer has been reached but returns 0...

PYSEC-2021-815

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

Use of deprecated Chainlink API

Handle 0xRajeev Vulnerability details Impact The contracts use Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to...

Google Making Life Difficult for Ransomware to Thrive on Android

SINT MAARTEN—Google has never been shy about sharing security enhancements and victories in Android. The mobile operating system is tweaked at every iteration to fend off threats posed by potentially harmful apps and attacks against devices. At the recent Kaspersky Lab Security Analyst Summit,...

SUSE-SU-2016:2871-1 Security update for libtcnative-1-0

This update for libtcnative-1-0 fixes the following issues: - Upgrade to libtcnative-1.1.34 bugfix release bsc1004455 See https://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html Unconditionally disable export Ciphers. Improve ephemeral key handling for DH and ECDH. Parameter strengt...