Lucene search
K

39636 matches found

Nuclei
Nuclei
added yesterday31 views

Rank Math SEO < 1.0.229 - Unauthenticated User and Term Metadata Insert/Update/Deletion

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress contains a missing capability check on 'updatemetadata' in all versions up to 1.0.228, letting unauthenticated attackers insert, update, or delete metadata, including user and term metadata, potentially causing loss of...

6.5CVSS6.1AI score0.02131EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday18 views

Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

6.1CVSS6.5AI score0.02072EPSS
Exploits2References3
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1962 TensorFlow has segfault in array_ops.upper_bound

Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

8.7CVSS5.9AI score0.00429EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-941 `CHECK` fail via inputs in `SdcaOptimizer`

Impact Inputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer. python import tensorflow as tf tf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

4.8CVSS7AI score0.0044EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1037 TensorFlow vulnerable to segfault in `QuantizedAdd`

Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...

5.9CVSS5.9AI score0.00409EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-977 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars`

Impact If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf numbits = 8 narrowrange = False inputs = tf.constant0, shape=2,3, dtype=tf.float32 min = tf.constant0,...

5.9CVSS6.9AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-980 TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`

Impact When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf a = tf.constant, shape=0, 1, 1, dtype=tf.float32 tf.linalg.matrixranka=a Patches We have patched the issue in GitHub...

5.9CVSS5.9AI score0.00405EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-995 TensorFlow vulnerable to segfault in `QuantizedInstanceNorm`

Impact If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outputrangegiven = False givenymin = 0 givenymax = 0 varianceepsilon = 1e-05 minseparation = 0.001 x =...

5.9CVSS6.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1006 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient`

Impact When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=None...

5.9CVSS5.9AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-1040 TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2`

Impact When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=None...

5.9CVSS7AI score0.00441EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.7 views

PYSEC-2026-979 TensorFlow vulnerable to `CHECK` fail in `TensorListFromTensor`

Impact When TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=6, 6, 2, dtype=tf.bfloat16, maxval=None arg1=tf.random.uniformshape=6, 9, 1, 3,...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.6 views

PYSEC-2026-1016 TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant`

Impact If RaggedTensorToVariant is given a rtnestedsplits list that contains tensors of ranks other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf batchedinput = True rtnestedsplits = tf.constant0,32,64, shape=3,...

5.9CVSS7AI score0.00383EPSS
Exploits0References7
Fedora
Fedora
added 2026/07/04 12:51 a.m.7 views

[SECURITY] Fedora 44 Update: leptonica-1.87.0-4.fc44

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS6.8AI score0.01735EPSS
Exploits0
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36919

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS5.1AI score0.00271EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-34892

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.27 views

CVE-2026-34892 WordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerability

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.18 views

CVE-2026-34892

The CVE-2026-34892 entry describes a Broken Access Control vulnerability in the WordPress Rank Math SEO plugin (versions

6.5CVSS5.1AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49364

Name of the Vulnerable Software and Affected Versions Rank Math SEO versions prior to 1.0.272 Description Broken access control allows users with the Subscriber role to perform unauthorized actions within the plugin. Recommendations Update to version 1.0.272 or later...

6.5CVSS5.9AI score0.00271EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.8 views

CVE-2025-12714

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the updatesiteeditorhomepage function in all versions up to, and including, 1.0.271. This makes it possible for unauthenticated attackers to...

5.3CVSS5.4AI score0.00411EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.12 views

CVE-2026-6294

The Google PageRank Display plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.4. This is due to missing nonce validation in the gpdisplayoption function, which handles the plugin settings page. The settings form does not include a wpnoncefield, and...

4.3CVSS5.5AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder