CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-33948)
The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33948 advisory. - jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b...
EUVD-2026-8893
Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to users with only organization member privileges. When the associated Stripe Checkout session is...
PT-2025-48098
Core Bot is an open source Discord bot made for maple hospital servers. Prior to commit dffe050, the API keys SUPABASE API KEY, TOKEN are loaded using environment variables, but there are cases in code (error handling, summaries, webhooks) where configuration summaries may inadvertently leak...
CVE-2024-53982 Arbitrary file download in Zoo-Project Echo Example
ZOO-Project is a C-based WPS (Web Processing Service) implementation. A path traversal vulnerability was discovered in Zoo-Project Echo example. The Echo example available by default in Zoo installs implements file caching, which can be controlled by user-given parameters. No input validation is...
CVE-2022-41883
TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...
GHSA-RH87-Q4VG-M45J TensorFlow vulnerable to integer overflow in math ops
Impact: When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. `auto size = (std::is_integral<T>::value ? ((Eigen::numext::abs(limit - start) + Eigen::numext::abs(delta) - T(1)) / Eigen::numext::abs(delta)) : (Eigen::numext::ceil(Eigen::numext::abs((limit - start) / delta))));` // This check does not...
CVE-2022-35963 `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of `FractionalAvgPoolGrad` does not fully validate the input `orig_input_tensor_shape`. This results in an overflow that results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the...
CVE-2021-37672
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `tf.raw_ops.SdcaOptimizerV2`. The implementation does not check that the length of...
PYSEC-2021-566
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in `tf.raw_ops.ResourceGather`. The implementation computes the value of a value, `batch_size`, and then divides by it without checking that this...
ackerTodo 4.2 SQL Injection Vulnerability
ackerTodo 4.2 SQL Injection. Vendor: http://ackertodo.sourceforge.net/site2/index.html File: gadget/login.php Exploiting this issue could allow an attacker to access sensitive data. Vuln code: `$userlogin = trim($_REQUEST['uplogin']); $userpass = trim($_REQUEST['uppass']); $numtasks = trim($_REQUEST['upnumtasks']`...
BitchX: Crash when channel modes change
On May 7th 2003, we received a bug report through our tracking system which noted a crash problem with BitchX for all versions up to 1.0c20cvs. Certain mode changes would cause BitchX to core consistently. This problem was resolved in less than 24 hours. The patch was committed to CVS by powuh...