ExternalName Services can be used to gain access to Envoy's admin interface

Impact Josh Ferrell @josh-ferrell from VMware has reported that a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy remotely a denial of service, o...

CVE-2021-37678

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The implementation uses yaml.unsafeload which can perform arbitrary code execution...

PYSEC-2021-300

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The implementation uses yaml.unsafeload which can perform arbitrary code execution...

PYSEC-2021-781

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

CVE-2021-37681

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of SVDF in TFLite is vulnerable to a null pointer error. The GetVariableInput function can return a null pointer but GetTensorData assumes that the argument is always a valid tensor...

PYSEC-2021-601

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...

PYSEC-2021-786

TensorFlow is an end-to-end open source platform for machine learning. In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation i...

PYSEC-2021-278

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

PYSEC-2021-768

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...

PYSEC-2021-757

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

PYSEC-2021-570

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...

PYSEC-2021-281

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting e.g., gradients of binary cwise operations. The implementatio...

PYSEC-2021-771

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation has a logic error: it should skip processing i...

Plone vulnerable to open redirect

Overview Plone provided by Plone Foundation contains an open redirect vulnerability CWE-601. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When accessin...

Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises

Overview Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Incorrect Permission Assignment CWE-732 - CVE-2021-32464 Improper Preservation of Permissions CWE-281 - CVE-2021-32465 Improper Input Validation CWE-20 ...

You’ve Found a Vulnerability! Now What? A Guide to Responsible Disclosure.

Information security researchers make a valuable contribution to our online security by finding vulnerabilities and facilitating getting them fixed. Wordfence has been finding and disclosing vulnerabilities in WordPress core, WordPress plugins, and WordPress themes since 2011. Our research has...

Vulnerability fixed in NetBSD

The developers of NetBSD have fixed a vulnerability in kernfs. The vulnerability allows an authenticated malicious person to able to read any files on the file system, including files both system and userspace for which the malicious party is not originally authorized. No CVE ID has been disclose...

Cross-site Scripting in Apache Airflow

The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions 1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fi...

FreeBSD : Prometheus -- arbitrary redirects (59ab72fb-bccf-11eb-a38d-6805ca1caf5c)

Prometheus reports : Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an...

Vulnerability fixed in cURL

A vulnerability has been fixed in cURL. A malicious person at remote user could potentially exploit the vulnerability to cause a denial-of-service or execute arbitrary code with the application's permissions. To do this, the malicious party needs to entice a victim to execute a cURL request towar...