Google TensorFlow buffer overflow vulnerability (CNVD-2021-64533)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, has a security vulnerability stemming from the program "tf.rawops. DatasetToTFRecord" implementations can trigger heap buffer overflow and segmentation errors. No detailed vulnerability details are available...

Debian DLA-2734-1 : curl - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2734 advisory. - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send...

Adobe Reader DC Continuous Security Update (APSB21-51) - Mac OS X

The host is missing an important security update according to Adobe August update. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Adobe Reader Classic 2020 Security Update (APSB21-51) - Mac OS X

The host is missing an important security update according to Adobe August update. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Kernel update: Virtuozzo ReadyKernel patch 131.0 for Virtuozzo Hybrid Server 7.0

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to the kernels 3.10.0-1062.4.2.vz7.116.7 Virtuozzo Hybrid Server 7.0.12 HF1, 3.10.0-1062.12.1.vz7.131.10 Virtuozzo Hybrid Server 7.0.13, 3.10.0-1127.8.2.vz7.151.14 Virtuozzo Hybrid Server 7.0.14,...

Adobe Acrobat DC Continuous Security Update (APSB21-51) - Windows

The host is missing an important security update according to Adobe August update. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

The vulnerability of the web component of the Essbase Analytic Provider Services allows a perpetrator to trigger a service failure.

The vulnerability of the Essbase Analytic Provider Services web component is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the wswprintf function in the AEAgent.cpp file of the ManageEngine AssetExplorer software, which allows a attacker to trigger a buffer overflow.

The vulnerability of the wswprintf function in the AEAgent.cpp file of the ManageEngine AssetExplorer software for managing IT assets is related to errors during certificate verification. Exploiting this vulnerability could allow a malicious actor to trigger a heap overflow...

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the fact that the SVDF implementation in TFLite is vulnerable to a null pointer error in the affected version. An attacker could...

The vulnerability of the manager for Cockpit servers, related to errors in displaying the user interface or frames, allows a perpetrator to inject malicious code.

The vulnerability of the Cockpit server administrator relates to errors in displaying the user interface or frames. Exploiting this vulnerability allows a malicious actor to inject malicious code remotely...

Adobe Reader DC Continuous Security Updates (APSB21-51) - Windows

The host is missing an important security update according to Adobe August update. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

wildfly: resource adapter logs plaintext JMS password at warning level on connection error

A flaw was found in wildfly. JMS passwords are logged by the resource adaptor in plain text at the warning level when a connection error occurs allowing any user that has access to the log to gain access to this sensitive information. The highest threat from this vulnerability is to data...

Microsoft Windows Defender Multiple RCE Vulnerabilities (Jul 2021)

This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Windows Defender Protection Engine dated 13-07-2021. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

The vulnerability of the Red Hat OpenShift Container Platform corporate platform, related to errors in authentication procedures, allows a perpetrator to gain access to protected information.

The vulnerability of the Red Hat OpenShift Container Platform is related to errors in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain access to protected information remotely...

The vulnerability of the Elastic Cloud Enterprise analytics platform, related to security configuration errors, allows a perpetrator to gain access to protected information.

The vulnerability of the Elastic Cloud Enterprise analytics platform is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...

The vulnerability of Kubernets Rancher cluster management software lies in errors during the processing of input data, which allows attackers to escalate their privileges.

The vulnerability of Kubernets Rancher cluster management software is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

The vulnerability of the Edge Installer component of the Microsoft Edge browser allows a perpetrator to elevate their privileges and execute arbitrary code.

The vulnerability of the Microsoft Edge browser’s Edge Installer component is related to errors during the connection to directories. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

PT-2021-3919 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in displaying information to the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. This allows...

ZTE ZXHN H2640 后置链接漏洞

The ZTE ZXHN H2640 is a home gateway device from ZTE Corporation China.An information disclosure vulnerability exists in the ZTE ZXHN H2640, which stems from a configuration and other errors in the network system or product during operation. An unauthorized attacker could exploit the vulnerabilit...

The vulnerability of the Mozilla Firefox browser, related to information representation errors, allows attackers to perform spear-phishing attacks.

The vulnerability of the Mozilla Firefox browser is related to errors in the object model representation of documents. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...