Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2022-21282, CVE-2022-21296, CVE-2022-21299)

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Version 8 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An unspecified...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

Buffer overflow

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27506

CVE-2023-27506 affects Intel® Optimization for TensorFlow prior to 2.12. The issue arises from improper buffer restrictions, enabling a locally authenticated attacker to potentially escalate privileges on the system. Intel and multiple advisories reference the same vulnerability, with the primary...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27506

Improper buffer restrictions in the IntelR Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2023-21178 · Intel · Intel Optimization For Tensorflow

Name of the Vulnerable Software and Affected Versions: IntelR Optimization for Tensorflow versions prior to 2.12 Description: The issue is related to improper buffer restrictions, which may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations...

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power CVE-2023-20583, Downfall CVE-2022-40982, and Inception CVE-2023-20569, the novel methods follow the disclosure of another newly...

How to Leverage the AWS Cost Optimization Pillar

Explore the Cost Optimization pillar of the AWS Well-Architected Framework and gain best practices for designing processes that make it possible to go to market and optimize costs early on...

e107 Cross-Site Scripting Vulnerability

e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a wide range of plug-ins and look-alike themes, and can be used as a personal blog, discussion community, archive repository, and so on. A cross-site scripting vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Decision Optimization for IBM Cloud Private for Data (ICP4Data)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Decision Optimization for ICP4Data. IBM Decision Optimization for ICP4Data has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

kernel security and bug fix update

5.14.0-284.18.12 - cifs: fix wrong unlock before return from cifstreeconnect - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and events -...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-2424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Image Optimization 3.8.2 Open Redirection

==================================================================================================================================== | Title : WordPress Image Optimization 3.8.2 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

WordPress ImagePilot - Save Money, Disk Space, and Bandwidth with Image Optimization Plugin < 0.1.2 is vulnerable to Cross Site Scripting (XSS)

Software ImagePilot - Save Money, Disk Space, and Bandwidth with Image Optimization Type Plugin Vulnerable versions 0.1.2 Fixed in 0.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

WordPress WooCommerce Visitor Recording and Conversion Rate Optimization plugin - HumCommerce Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Visitor Recording and Conversion Rate Optimization plugin - HumCommerce Type Plugin Vulnerable versions = 3.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Robots.txt optimization Plugin < 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Robots.txt optimization Type Plugin Vulnerable versions 1.4.7 Fixed in 1.4.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e354a0c1d52e Credits Rafie Muhammad Patchstack...

CVE-2020-36750

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewwwnggbulkinit function. This makes it possible for unauthenticated attackers to perform bulk image...

CVE-2020-36750

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewwwnggbulkinit function. This makes it possible for unauthenticated attackers to perform bulk image...

Cross site request forgery (csrf)

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewwwnggbulkinit function. This makes it possible for unauthenticated attackers to perform bulk image...