937 matches found
Selmer-Inspired Elliptic Curve Generation
Elliptic curve cryptography ECC is foundational to modern secure communication, yet existing standard curves have faced scrutiny for opaque parameter-generation practices. This work introduces a Selmer-inspired framework for constructing elliptic curves that is both transparent and auditable...
CVE-2025-57769
CVE-2025-57769 affects FreshRSS
Linux Distros Unpatched Vulnerability : CVE-2025-55556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application. CVE-2025-55556 Note that...
CVE-2025-11046
A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-7647
CVE-2025-7647 affects llama-index-core up to version 0.12.44, with a vulnerability in get_cache_dir() that uses a predictable, hardcoded directory path (/tmp/llama_index) on Linux. On multi-user Linux systems, this insecure temporary directory can enable local attackers to steal proprietary model...
CVE-2025-11046
A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-11046 Tencent WeKnora test testEmbeddingModel server-side request forgery
A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-11046 Tencent WeKnora test testEmbeddingModel server-side request forgery
A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-11046
CVE-2025-11046 affects Tencent WeKnora 0.1.0. The vulnerability resides in the testEmbeddingModel function under /api/v1/initialization/embedding/test, where manipulating the baseUrl argument can trigger server-side request forgery (SSRF) and may be exploited remotely. The exploit has been releas...
WeKnora 代码问题漏洞
WeKnora is an LLM-based framework open-sourced by Tencent, with features such as deep document understanding, semantic retrieval and context-aware answers using the RAG paradigm. A code issue vulnerability exists in WeKnora version 0.1.0, which stems from incorrect manipulation of the parameter...
PT-2025-39691
Name of the Vulnerable Software and Affected Versions Tencent WeKnora version 0.1.0 Description A security flaw exists in Tencent WeKnora version 0.1.0. The testEmbeddingModel function within the /api/v1/initialization/embedding/test file is susceptible to server-side request forgery. Manipulatio...
PT-2025-39694
Name of the Vulnerable Software and Affected Versions Apollo Studio Embeddable Explorer versions prior to 3.7.3 Apollo Studio Embeddable Sandbox versions prior to 2.7.2 Description A cross-site request forgery CSRF issue was identified in Apollo Studio Embeddable Explorer and Embeddable Sandbox...
CVE-2025-55556
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...
DEBIAN-CVE-2025-55556
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...
CVE-2025-55556
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...
UBUNTU-CVE-2025-55556
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...
Incorrect Calculation
Overview tensorflow is a machine learning framework. Affected versions of this package are vulnerable to Incorrect Calculation via the Embedding operator that always outputs 0 without XLA when inputdim=1 is set. An attacker can cause the application to produce unpredictable or incorrect outputs b...
CVE-2025-55556
CVE-2025-55556 affects TensorFlow version 2.18.0, where the Embedding operator may output random results during compilation, causing unexpected application behavior. The issue is described across multiple sources (NVD, OSV entries, and related advisories) as a reproducible defect in Embedding com...
TensorFlow 安全漏洞
TensorFlow is a suite of end-to-end open source platforms for machine learning open-sourced by TensorFlow. A security vulnerability exists in TensorFlow version 2.18.0 that stems from the output of random results when compiling Embedding, which could lead to unexpected behavior in the application...
CVE-2025-55556
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...