2412 matches found
CHIYU TCP/IP Converter - Carriage Return Line Feed Injection
CHIYU TCP/IP Converter BF-430, BF-431, and BF-450 are susceptible to carriage return line feed injection. The redirect= parameter, available on multiple CGI components, is not properly validated, thus enabling an attacker to obtain sensitive information, modify data, and/or execute unauthorized...
WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect
WordPress WebP Converter for Media 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an open redirect issue. id: CVE-2021-25074 info: name: WordPress WebP Converter for Media 4.0.3 - Unauthenticated Open Redirect author:...
EUVD-2026-42853
R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...
CVE-2026-44512
A flaw was found in Open Neural Network Exchange ONNX, an open standard for machine learning interoperability. This vulnerability allows a remote attacker to cause an unrecoverable denial of service DoS by providing a specially crafted untrusted model. The flaw occurs when the...
CVE-2026-44512
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.versionconverter.convertversion can dereference a null pointer in Upsample67::adaptupsample67 in onnx/versionconverter/adapters/upsample67.h when processing an untrusted mod...
UBUNTU-CVE-2026-44512
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.versionconverter.convertversion can dereference a null pointer in Upsample67::adaptupsample67 in onnx/versionconverter/adapters/upsample67.h when processing an untrusted mod...
CVE-2026-44512 ONNX: Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.versionconverter.convertversion can dereference a null pointer in Upsample67::adaptupsample67 in onnx/versionconverter/adapters/upsample67.h when processing an untrusted mod...
CVE-2026-44512
Open Neural Network Exchange (ONNX) has a vulnerability in version_converter.convert_version() for opset upgrades prior to 1.22.0. The Upsample_6_7 adapter dereferences inputs()[0] without validating that inputs exist, causing a null-pointer dereference (SIGSEGV) when processing a model with an U...
CVE-2026-44512 ONNX: Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.versionconverter.convertversion can dereference a null pointer in Upsample67::adaptupsample67 in onnx/versionconverter/adapters/upsample67.h when processing an untrusted mod...
ONNX has Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)
Summary Null pointer dereference SIGSEGV in Upsample67::adaptupsample67 onnx/versionconverter/adapters/upsample67.h:31 when convertversion processes a model with an Upsample node that has zero inputs. The adapter accesses node-inputs0-sizes without checking input count. 107-byte PoC crashes on...
PYSEC-2026-965 TensorFlow segfault TFLite converter on per-channel quantized transposed convolutions
Impact When converting transposed convolutions using per-channel weight quantization the converter segfaults and crashes the Python process. python import tensorflow as tf class QuantConv2DTransposedtf.keras.layers.Layer: def buildself, inputshape: self.kernel = self.addweight"kernel", 3, 3,...
PT-2026-56215
Name of the Vulnerable Software and Affected Versions Open Neural Network Exchange ONNX versions 1.9.0 through 1.21.0 Description Processing an untrusted model with an Upsample node containing zero inputs can lead to an unrecoverable denial of service. The issue occurs when the onnx.version...
CVE-2026-54164 API Platform Core: Missing IRI type check enables resource type confusion
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions prior to 4.1.30, 4.2.26 and 4.3.12, the serializer's AbstractItemNormalizer does not validate the resource type returned when resolving relation IRIs, allowing type confusion where a resource of an...
CVE-2026-54889 Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)
Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':todelta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':defaultconvertnode/3 in...
MAL-2026-6541 Malicious code in pdf-converter-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3a5f6d1d39c20feca11d0129f0efa21bdf564586045555b756cc25bce73efc Package is advertised as a PDF converter but contains no PDF generation code. Its sole public method TXTtoPDFConverter.createpdftxtpath, pdfpath is...
Malicious code in pdf-converter-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3a5f6d1d39c20feca11d0129f0efa21bdf564586045555b756cc25bce73efc Package is advertised as a PDF converter but contains no PDF generation code. Its sole public method TXTtoPDFConverter.createpdftxtpath, pdfpath is...
EUVD-2026-35795
Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting unsanitized input through the toDateFormat request parameter in the...
CVE-2026-41855
In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...
UBUNTU-CVE-2026-41855
In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...
PT-2026-48219
Name of the Vulnerable Software and Affected Versions Ellucian Banner Self-Service versions prior to April T2 release 2025-04-23 Description A reflected cross-site scripting issue exists where unauthenticated attackers can execute arbitrary JavaScript in a victim's browser. This is achieved by...