111 matches found
CVE-2023-29450 Unauthorized limited filesystem access from preprocessing
JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
CVE-2023-29450 Unauthorized limited filesystem access from preprocessing
JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
CVE-2023-29449 Limited control of resource utilization in JS preprocessing
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles Admin and Superadmin. Administrative privileges should be typically granted ...
CVE-2023-29449 Limited control of resource utilization in JS preprocessing
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles Admin and Superadmin. Administrative privileges should be typically granted ...
CVE-2023-29449
CVE-2023-29449 affects Zabbix frontend components related to JavaScript preprocessing, webhooks and global scripts. The issue is described as causing uncontrolled CPU, memory, and disk I/O utilization when these features are configured or tested, with access restricted to Administrative roles (Ad...
Debian: Security Advisory (DLA-297-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2010-3836
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service assertion failure and server crash via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers...
PT-2023-9379 · Zabbix +3 · Zabbix +3
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to uncontrolled CPU, memory, and disk I/O utilization caused by JavaScript preprocessing, webhooks, and global scripts. This can be exploited to cause a denial of servic...
CVE-2022-31540
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
hin-eng-preprocessing 路径遍历漏洞
hin-eng-preprocessing is an English parallel corpus of NMT by individual developers in KD, Belarus. It is used to enhance IITB Hindi. A security vulnerability exists in hin-eng-preprocessing version 2019-07-16 and earlier, which stems from an incorrect call to Flask's sendfile function resulting ...
UBUNTU-CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service in htmlpreprocessrules in ebooks/conversion/preprocess.py...
Fast, Effective N-grams Extraction and Analysis with SQL
Features extraction is expensive, especially when dealing with big data. That’s why it’s great when you have the ability to preprocess close to the database - the data stays in the DB and doesn’t have to move out, unless necessary. One common approach for text data representation is N-grams...
DEBIAN-CVE-2021-26929
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the HordeTextFilter library before 2.3.7 is used. The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke us...
graduation_design
This is a Python script for a web intrusion detection system using machine learning. The script uses the scikit-learn library to implement a supervised learning approach. It collects and preprocesses normal requests and attack payloads, and uses a Support Vector Machine SVM to classify new reques...
aglvq (=1.0.0), beacon-trellis (=0.1.0) +64 more potentially affected by CVE-2020-15205 via tensorflow (=2.1.0)
tensorflow PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - aglvq =1.0.0 - beacon-trellis =0.1.0 - biobb-ml =3.0.0, =0.0.1, =0.2.0, =0.0.2, =0.1.0, =1.1.0, =0.2.0rc1, =0.2.0rc3 and more Source cves:...
DEBIAN-CVE-2019-20352
In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs via a crafted .asm file in settextfree when called from expandonesmacro in asm/preproc.c...
Netwide Assembler (NASM) Invalid Memory Write Vulnerability
Netwide Assembler NASM is a Linux-based assembler that creates binaries and writes bootloaders. An invalid memory write vulnerability exists in the 'expandsmacro' function of the preproc.c file in NASM version 2.14rc15, which can be exploited by an attacker to cause a denial of service invalid...
Exploit for Out-of-bounds Write in Microsoft
Dissecting modern browser exploit: case study of CVE-2018-8174...
TensorFlow Dataset API for increasing training speed of neural networks
by M.Salnikov, Wallarm Research Wallarm AI engine is the heart of our security solution. Two key parameters of our AI engine efficiency are how fast neural networks can be train to reflect the updated training sets and how much compute power need to be dedicated to the training on the on-going...
[SECURITY] Fedora 25 Update: procmail-3.22-44.fc25
Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files real convenient when subscribing to one or more mailing lists or for prioritising your mail, preprocess your mail, start any programs upon mail arrival e.g. to generate different chimes...