EUVD-2018-16939

Malware in sbrugna...

GHSA-X2W4-C67P-G44J Grafana Missing Synchronization vulnerability

Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance. The only feature that uses mixed queries at the moment is public...

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow versions 2.4.2,2.3.3,2.2.3, and 2.1.4, which stems from an implementation of tf.io.decoderaw that produces incorrect...

CVE-2018-5153

If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox 60...

UBUNTU-CVE-2018-5153

If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox 60...