Lucene search
K

128102 matches found

CVE
CVE
added 4 days ago30 views

CVE-2026-40008

CVE-2026-40008 concerns Apache IoTDB and is caused by the pipe processor reading a fully-qualified Java class name and calling Class.forName().newInstance() without validation or allowlisting (Unsafe Reflection). Affected versions are 1.0.0 up to, but not including, 2.0.10. The issue enables arbi...

9.8CVSS6.1AI score0.00332EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56666

Name of the Vulnerable Software and Affected Versions Drupal Raw Formatter Meta Tag Formatter affected versions not specified Description A security issue exists in the Drupal Raw Formatter Meta Tag Formatter module. Recommendations At the moment, there is no information about a newer version tha...

6.1AI score0.00236EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1962 TensorFlow has segfault in array_ops.upper_bound

Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

8.7CVSS5.9AI score0.00429EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1954 Invalid char to bool conversion when printing a tensor

Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...

4.8CVSS6AI score0.00389EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1960 TensorFlow has Floating Point Exception in AudioSpectrogram

Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...

7.5CVSS6.6AI score0.00383EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1964 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

Impact If the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give an FPE. python import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y = tf.rawops.AvgPoolGradoriginputshape=1,0,0,0, grad=0.39117979, ksize=1,0,0,0, strides=1,0,0,0,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-971 Tensorflow vulnerable to Out-of-Bounds Read

Impact When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs. python tf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 Patches We have...

6.8CVSS5.9AI score0.0038EPSS
Exploits1References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1032 Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2026/07/01 3:59 p.m.11 views

6 security settings every GitHub maintainer should enable this week

At GitHub Security Lab, we spend a lot of our week talking to maintainers. Some find the settings page dense and the docs sprawl. Most maintainers we talk to weren't hired to be security engineers. While this is true, ignoring a project's security settings completely will lead into leaving a lot ...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-53972

Name of the Vulnerable Software and Affected Versions coturn versions prior to 4.13.0 Description An authenticated TURN client can bypass the default loopback guard by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 within a TURN XOR-PEER-ADDRESS attribute. This occurs because the ioa ad...

7.4CVSS6.1AI score0.00287EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/13 6:59 a.m.116 views

metasploit-cheatsheet

Metasploit Cheatsheet A practical reference for using Metaspl...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/13 4:42 a.m.85 views

Exploit for CVE-2026-22356

CVE-2026-22356 CVE-2026-22356: Jetpack CRM Path Traversal Vuln...

7.5CVSS5.3AI score0.00423EPSS
Exploits1
HackRead
HackRead
added 2026/06/11 1:20 p.m.26 views

Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware

Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions...

5.4AI score
Exploits0
HackRead
HackRead
added 2026/06/10 6:18 p.m.19 views

How to Turn Images into Animated Videos with AI: A Wondershare Filmora Guide

This article was created in collaboration with Wondershare...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 4:13 p.m.97 views

offensive-claude-533

Offensive Security Research Config for Claude Code !TIP...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 2:0 p.m.75 views

Kernel-Exploit-Dojo-255

Kernel-Exploit-Dojo-255 CTF kernel exploitation notes, PoCs,...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 12:9 p.m.61 views

Kernel-Exploit-Dojo-283

Kernel-Exploit-Dojo-283 CTF kernel exploitation notes, PoCs,...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.11 views

PT-2026-49121

This crate provides Rust bindings to SPHINCS+/SLH-DSA FIPS 205 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result,...

5.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.24 views

PT-2026-46945

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.35.11 Description An issue exists in the Envoy gateway related to HTTP/2, which can be exploited to cause a denial of service, potentially bringing down an Evonode. There have been reports of elevated activities...

7.5CVSS5.7AI score0.00815EPSS
Exploits1References11
HackRead
HackRead
added 2026/06/01 2:50 p.m.17 views

RaccoonLine Publishes 2026 dVPN Buyer’s Guide for Privacy-Focused Users

Roma, Італія, 1st June 2026, CyberNewswire...

5.8AI score
Exploits0
Rows per page
Query Builder