50 matches found
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flight-math (=0.5.3)
@squawk/flight-math NPM version =0.5.3 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/flight-math and may be impacted: - @squawk/mcp =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFLIGHTMATH-16640879...
Astra Linux - уязвимость в ffmpeg
FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from an assertion failure in src/libavutil/mathematics.c...
EUVD-2024-26014
Malicious code in bioql PyPI...
A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.
...
Linux Distros Unpatched Vulnerability : CVE-2020-6816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...
CVE-2021-38291
FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...
System Prompt Poisoning: Persistent Attacks on Large Language Models beyond User Injection
Large language models LLMs have gained widespread adoption across diverse applications due to their impressive generative capabilities. Their plug-and-play nature enables both developers and end users to interact with these models through simple prompts. However, as LLMs become more integrated in...
Fedora: Security Advisory for vecmath1.2 (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: vecmath1.2-1.14-36.fc40
This is an unofficial implementation java source code of the javax.vecmath package specified in the JavaTM 3D API 1.2 . The package includes classes for 3-space vector/point, 4-space vector, 4x4, 3x3 matrix, quaternion, axis-angle combination and etc. which are often utilized for computer graphic...
[SECURITY] Fedora 40 Update: apache-commons-math-3.6.1-18.fc40
Commons Math is a library of lightweight, self-contained mathematics and statistics components addressing the most common problems not available in the Java programming language or Commons Lang...
A Celebrated Cryptography-Breaking Algorithm Just Got an Upgrade
Two researchers have improved a well-known technique for lattice basis reduction, opening up new avenues for practical experiments in cryptography and mathematics...
jointmathematicsmeetings.org Cross Site Scripting vulnerability OBB-2846445
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in com.unity.mathematics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37257a794ebf3ec16e0c1275dd7c56266fcb80b851ef6fa344a7b4b380676bcb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2066 Malicious code in com.unity.mathematics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37257a794ebf3ec16e0c1275dd7c56266fcb80b851ef6fa344a7b4b380676bcb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-38291
FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. A security vulnerability exists in FFmpeg, which originates from an assertion failure at src/libavutil/mathematics.c. The vulnerability is caused by the use of the following code:...
CVE-2021-38291
FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...
CVE-2021-38291
FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...
PYSEC-2021-865
In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with stripcomments=False...
CVE-2018-20803 Infinite loop in aggregation expression
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10...