593 matches found
EUVD-2022-6717
Malicious code in bioql PyPI...
EUVD-2022-6964
Malicious code in bioql PyPI...
EUVD-2022-6871
Malicious code in bioql PyPI...
EUVD-2022-6816
Malicious code in bioql PyPI...
EUVD-2022-6976
Malicious code in bioql PyPI...
EUVD-2022-6925
Malicious code in bioql PyPI...
EUVD-2022-6807
Malicious code in bioql PyPI...
EUVD-2022-7399
Malicious code in bioql PyPI...
EUVD-2022-6810
Malicious code in bioql PyPI...
EUVD-2022-7333
Malicious code in bioql PyPI...
EUVD-2022-7388
Malicious code in bioql PyPI...
EUVD-2022-6949
Malicious code in bioql PyPI...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal via insufficient validation in the getConfigFile function in the UIConfigRest class. An attacker can gain unauthorized access to files located in directories that share a common prefix with the intended folder by...
Use of Externally-Controlled Format String
Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Format String via the InterpretImageFilename function, where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can execute arbitrary code or cause a heap-based buff...
Security Bulletin: NVIDIA WebDataset - August 2025
NVIDIA has released a software update for NVIDIA WebDataset. To protect your system, install the software including the Github commit 9e95f50 of NVIDIA WebDataset. Go to NVIDIA Product Security...
Security Bulletin: NVIDIA Isaac-GR00T - August 2025
NVIDIA has released a software update for NVIDIA Isaac-GR00T. To protect your system, install the software including the Github commit 9ca97e1 of NVIDIA Isaac-GR00T. Go to NVIDIA Product Security...
Information Exposure
Overview lollms is a python library for AI personality definition Affected versions of this package are vulnerable to Information Exposure via the authenticateuser function in the /server/endpoints/lollmsauthentication.py file. An attacker can enumerate valid usernames and incrementally guess...
CVE-2022-41885
TensorFlow is an open source platform for machine learning. When tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows. We have patched the issue in GitHub commit d66e1d568275e6a2947de97dca7a102a211e01ce. The fix will be included in TensorFlow 2.11. We will also cherrypick...
CVE-2022-36004
TensorFlow is an open source platform for machine learning. When tf.random.gamma receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...
CVE-2022-36005
TensorFlow is an open source platform for machine learning. When tf.quantization.fakequantwithminmaxvarsgradient receives input min or max that is nonscalar, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...