15 matches found
编号撤回
Ray is a unified framework for scaling AI and Python applications open-sourced by ray-project. This CVE number has been withdrawn...
Oneflow Security Vulnerability
Oneflow is a deep learning framework open-sourced by Oneflow. A security vulnerability exists in Oneflow version v0.9.1 that stems from improper validation of input...
Chocolatey Cmder has an unspecified vulnerability
Chocolatey Cmder is a package open sourced by Chocolatey. Chocolatey Cmder v1.3.20 and earlier versions contain a security vulnerability. An attacker could gain write access to the path C:\tools\Cmder and all files located in that folder for all users in the Authenticated Users group...
Caryll OTFCC otfccdump+0x4fe954 denial of service vulnerability
Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A denial of service vulnerability exists in Caryll OTFCC, which originates from a segmentation conflict at /release-x64/otfccdump+0x4fe954. An attacker can exploit the vulnerability t...
OTFCC has an unspecified vulnerability (CNVD-2023-11790)
OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC has a security vulnerability that stems from a segmentation violation located at its /release-x64/otfccdump 0x4fe9a7. No detailed vulnerability details are currently available...
Annotation Tool path traversal vulnerability
Annotation Tool is a Bonn activity map annotation tool open sourced by bonn-activity-maps. 2021-08-31 and earlier versions of Annotation Tool are vulnerable to a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly filter special elements in a resource o...
dbus-broker 缓冲区错误漏洞
dbus-broker is a Linux D-Bus message broker open-sourced by bus1. A security vulnerability exists in dbus-broker. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
[SECURITY] Fedora 36 Update: tesseract-5.0.1-5.fc36
A commercial quality OCR engine originally developed at HP between 1985 and 1995. In 1995, this engine was among the top 3 evaluated by UNLV. It was open-sourced by HP and UNLV in 2005...
Lychee Cross-Site Scripting Vulnerability
Lychee is a beautiful and easy to use photo management system open sourced by The Lychee Organisation. Lychee has a cross-site scripting vulnerability, and no details of the vulnerability are available...
Daniel Kamil Kozar tsMuxer buffer overflow vulnerability
Daniel Kamil Kozar tsMuxer is an application open sourced by Daniel Kamil Kozar. A transport stream mixer for remixing/mixing basic streams. Daniel Kamil Kozar tsMuxer 2.6.16 is vulnerable to a buffer overflow vulnerability that originates from the function BitStreamReader::getCurVal in bitStream...
Dropbox: Algorithmic complexity vulnerability in ZXCVBN leads to remote denial of service attack
@davidrenardy discovered that the ZXCVBN algorithm is quadratic in time complexity, which implies that the user can submit an arbitrarily long password to the library, leading to a potential denial of service attack if performed at scale. Given how ZXCVBN is used at Dropbox, we accept the Denial ...
SparkyLinux - Lightweight & fast Debian-based Linux Distribution
SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops like E19, LXDE and Openbox, multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Why Sparky? SparkyLinux is a Debian-based Linux...
PHP Money Books 1.03 Stored Cross Site Scripting
Exploit Title: phpmoneybooks 1.03 Stored XSS Date: Jun 28, 2012 Exploit Author: chap0 - chap0.blogspot.com - @chap0 Vendor Homepage: http://phpmoneybooks.com/ Software Link: http://sourceforge.net/projects/phpmoneybooks/files/phpMoneyBooks103.zip/download Version: 1.03 Patch: Upgrade to 1.04 Vend...
phpmoneybooks 1.03 Stored XSS
Exploit for php platform in category web applications Exploit Title: phpmoneybooks 1.03 Stored XSS Date: Jun 28, 2012 Exploit Author: chap0 - chap0.blogspot.com - @chap0 Vendor Homepage: http://phpmoneybooks.com/ Software Link:...
phpmoneybooks 1.03 - Persistent Cross-Site Scripting
Exploit Title: phpmoneybooks 1.03 Stored XSS Date: Jun 28, 2012 Exploit Author: chap0 - chap0.blogspot.com - @chap0 Vendor Homepage: http://phpmoneybooks.com/ Software Link: http://sourceforge.net/projects/phpmoneybooks/files/phpMoneyBooks103.zip/download Version: 1.03 Patch: Upgrade to 1.04 Vend...