Crawpy - Yet Another Content Discovery Tool

Yet another content discovery tool written in python. What makes this tool different than others: It is written to work asynchronously which allows reaching to maximum limits. So it is very fast. Calibration mode, applies filters on its own Has bunch of flags that helps you fuzz in detail Recursi...

Low: Red Hat Security Advisory: Red Hat AMQ Broker 7.9.1 release and security update

Red Hat AMQ Broker 7.9.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

PT-2021-16313 · WordPress · Stylish Cost Calculator

Name of the Vulnerable Software and Affected Versions: Stylish Cost Calculator WordPress plugin versions prior to 7.0.4 Description: The issue is related to the lack of authorization and CSRF checks on some AJAX actions in the plugin, which are available to authenticated users. This could allow a...

The vulnerability of the asynchronous components of the “ASSaD-Video” surveillance system, related to uncontrolled resource consumption, allows a intruder to cause a service failure.

The vulnerability of the asynchronous components of the “ASSaD-Video” surveillance system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

WordPress 插件 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. cross-site request forgery vulnerability exists in...

Dell PowerScale OneFS Denial of Service Vulnerability

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS that stems from Dell PowerScale OneFS containing asynchronous access to shared data in the context of multi-threaded SMB CA processing. An...

Dell Technologies Dell PowerScale OneFS 安全漏洞

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS that stems from Dell PowerScale OneFS containing asynchronous access to shared data in the context of multi-threaded SMB CA processing. An...

GHSA-GPFH-JVF9-7WG5 Use after free / memory leak in `CollectiveReduceV2`

Impact The async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free: python import tensorflow as tf tf.rawops.CollectiveReduceV2 input=, groupsize=-10, -10, -10, groupkey=-10, -10, instancekey=-10, orderingtoken=, mergeop='Mul', finalop='Div' This occurs due to t...

Google TensorFlow Resource Management Error Vulnerability (CNVD-2021-92552)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A resource management error vulnerability exists in Google TensorFlow due to a memory leak and post-release usage issue in the asynchronous implementation of CollectiveReduceV2. This occurs due to...

CVE-2021-24801

The WP Survey Plus WordPress plugin through 1.0 does not have any authorisation and CSRF checks in place in its AJAX actions, allowing any user to call them and add/edit/delete Surveys. Furthermore, due to the lack of sanitization in the Surveys' Title, this could also lead to Stored Cross-Site...

Wordpress plugin WP Survey Plus 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. access control error vulnerability in Wordpress...

PYSEC-2021-629

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

PYSEC-2021-629

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

PYSEC-2021-827

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

CVE-2021-41220 Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

CVE-2021-41220

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

Google TensorFlow 资源管理错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A resource management error vulnerability exists in Google TensorFlow due to a memory leak and post-release usage issue in the asynchronous implementation of CollectiveReduceV2. This occurs due to...

CVE-2021-39333

The Hashthemes Demo Importer Plugin = 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of...

WordPress 访问控制错误漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in WordPress Plugins, which stems from The Stylish Pric...

Modern-Async 资源管理错误漏洞

Modern-Async is a modern JavaScript tool library for asynchronous operations using Async/Await and Promise. A resource management error vulnerability exists in modern-async that arises from improper design or implementation during code development for a networked system or product...