hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +95 more potentially affected by CVE-2021-37657 via tensorflow-cpu (>=1.15.0 <=2.3.1)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2021-37657 Source advisory: OSV:GHSA-5XWC-MRHX-5G3M...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +95 more potentially affected by CVE-2021-37678 via tensorflow-cpu (>=1.15.0 <=2.3.1)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2021-37678 Source advisory: OSV:GHSA-R6JX-9G48-2R5R...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

Mitsubishi Electric MELSEC iQ-R series 授权问题漏洞

The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric, Japan. An authorization issue vulnerability exists in the Mitsubishi Electric MELSEC iQ-R series, which arises from a flaw in the logic of the product login module. An attacker could lock out a...

CVE-2021-26314

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage...

AMD CPU 信息泄露漏洞

AMD CPUs are a family of CPUs from the American company AMD. An information disclosure vulnerability exists in AMD CPUs that originates from errors such as configuration during operation of a networked system or product. An unauthorized attacker could exploit the vulnerability to obtain sensitive...

complaintclassify (=0.0.9) potentially affected by CVE-2021-29598 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29598 Source advisory: OSV:GHSA-PMPR-55FJ-R229...

jetty: Resource exhaustion when receiving an invalid large TLS frame

When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large greater than 17408 TLS frame that is incorrectly handled, causing high CPU resources utilization. The highest threat from this vulnerability is to service availability...

pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29588 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29588 Source advisory: OSV:PYSEC-2021-516...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29530 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29530 Source advisory: OSV:PYSEC-2021-458...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29520 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29520 Source advisory: OSV:PYSEC-2021-448...

complaintclassify (=0.0.9) potentially affected by CVE-2021-29578 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29578 Source advisory: OSV:PYSEC-2021-506...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29518 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29518 Source advisory: OSV:PYSEC-2021-446...

DEBIAN-CVE-2021-28089

Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001...

pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2020-26268 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2020-26268 Source advisory: OSV:GHSA-HHVC-G5HV-48C6...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...