15 matches found
EUVD-2017-16777
Malware in sbrugna...
EUVD-2023-39920
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-0716
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing and also negatively affect...
CVE-2021-29529
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...
Heap overflow
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...
CVE-2021-29529
CVE-2021-29529 affects TensorFlow’s QuantizedResizeBilinear in tf.raw_ops.QuantizedResizeBilinear, where rounding of floating input can cause interpolation bounds to produce an out-of-bounds access, leading to a heap buffer overflow. The vulnerability arises because lower/upper interpolation boun...
CVE-2021-29529 Heap buffer overflow caused by rounding
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:2589-1)
This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed : - CVE-2017-7807 Domain hijacking through AppCache fallback bsc1052829 - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts bsc1052829 - CVE-2017-7792 Buffer...
SUSE-SU-2017:2589-1 Security update for MozillaFirefox
This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback bsc1052829 - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts bsc1052829 - CVE-2017-7792 Buffer overfl...
CVE-2016-2102
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network...
Design/Logic Flaw
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network...
CVE-2016-2102
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network...
CVE-2016-2102
Removed by vendor...
CVE-2016-2102
HAProxy in openstack-tripleo-image-elements is exposed via non-authenticated statistics over the network (CVE-2016-2102). Connected sources reference haproxy-related vulnerabilities affecting the package, and a Red Hat bug entry (1311145) is linked. The provided connected documents do not include...
Chrome Universal XSS through adopting image elements (CVE-2016-1667)
VULNERABILITY DETAILS When a node is being adopted, the tree scope adopter calls |didMoveToNewDocument| on each rescoped node in the tree. The 同理 , iframe 、 js也采用类似的处理流程 implementation of |didMoveToNewDocument| calls the corresponding method on the related loader, which clears and stops observing...