CVE-2023-40224

MISP 2.4.174 allows XSS in app/View/Events/index.ctp...

EUVD-2025-26727

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-37280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of passthrough type. Under certain...

MAL-2024-2510 Malicious code in index-template-lol (npm)

--- -= Per source details. Do not edit below this line.=-...

Denial Of Service (DoS)

org.elasticsearch: elasticsearch is vulnerable to Denial of Service DoS. The vulnerability is due to a StackOverflow exception caused by dynamic field mapping of the passthrough type in an index template. An attacker can exploit this vulnerability by ingesting documents under specific conditions ...

Elasticsearch StackOverflow vulnerability

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...

CVE-2024-37280

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...

CVE-2024-37280

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...

CVE-2024-37280

The CVE-2024-37280 entry concerns Elasticsearch where a stack overflow can occur during document ingestion if an index template contains a dynamic field mapping of type “passthrough” (an experimental feature), potentially leading to a Denial of Service. The core details present in connected recor...

GHSA-844W-J86R-4X2J Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow

Impact A heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be...

CVE-2019-16778 Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

Adobe Flex开发包index.template.html页面跨站脚本漏洞

CVECAN ID: CVE-2009-1879 Adobe Flex是用于构建和维护Web应用程序的高效开放源码框架。 Flex没有正确地过滤用户提交给index.template.html页面的请求参数，通过window.location javascript对象所传送的URL参数之后被存储在了MMredirectURL变量中，并传送给了ACFLRunContent函数。 59行： .snip.. var MMredirectURL = window.location; .snip.. 63行： ACFLRunContent ..snip.. "FlashVars",...