Lucene search
K

470 matches found

OSV
OSV
added last week5 views

PYSEC-2026-1962 TensorFlow has segfault in array_ops.upper_bound

Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

8.7CVSS5.9AI score0.00429EPSS
Exploits0References7
OSV
OSV
added last week4 views

PYSEC-2026-1954 Invalid char to bool conversion when printing a tensor

Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...

4.8CVSS6AI score0.00389EPSS
Exploits0References7
OSV
OSV
added last week3 views

PYSEC-2026-1964 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

Impact If the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give an FPE. python import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y = tf.rawops.AvgPoolGradoriginputshape=1,0,0,0, grad=0.39117979, ksize=1,0,0,0, strides=1,0,0,0,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
OSV
OSV
added last week4 views

PYSEC-2026-1960 TensorFlow has Floating Point Exception in AudioSpectrogram

Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...

7.5CVSS6.6AI score0.00383EPSS
Exploits0References6
OSV
OSV
added last week3 views

PYSEC-2026-971 Tensorflow vulnerable to Out-of-Bounds Read

Impact When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs. python tf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 Patches We have...

6.8CVSS5.9AI score0.0038EPSS
Exploits1References7
OSV
OSV
added 2026/07/06 8:3 a.m.3 views

PYSEC-2026-1032 Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53972

Name of the Vulnerable Software and Affected Versions coturn versions prior to 4.13.0 Description An authenticated TURN client can bypass the default loopback guard by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 within a TURN XOR-PEER-ADDRESS attribute. This occurs because the ioa ad...

7.4CVSS6.1AI score0.00287EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2026/03/31 12:0 a.m.11 views

This Week in Spring - March 31st, 2026

Hi, Spring fans! Welcome to another fun edition of This Week in Spring! I'm writing to you from beautiful Amsterdam ahead of the wonderful Voxxed Days Amsterdam event, and I'm really looking forward to it. If you're there, please come say hello! Also, be aware that I'll be speaking at the Paris J...

8.6CVSS5.9AI score0.0122EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/02/25 9:42 a.m.8 views

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...

8.7CVSS5.4AI score0.00403EPSS
Exploits0References32
OSV
OSV
added 2026/02/25 9:42 a.m.7 views

SUSE-SU-2026:0626-1 Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: - Build without apparmor for openSUSE Leap 16, SLES 16 or newer - Require Go 1.23 for building - Update to versi...

7.5CVSS5.4AI score0.00403EPSS
Exploits0References15
OSV
OSV
added 2026/02/25 9:41 a.m.7 views

SUSE-SU-2026:0625-1 Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: - Build without apparmor for openSUSE Leap 16, SLES 16 or newer - Require Go 1.23 for building - Update to versi...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References31
SUSE Linux
SUSE Linux
added 2026/02/25 9:41 a.m.8 views

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...

8.7CVSS5.4AI score0.00403EPSS
Exploits0References64
Wiz blog
Wiz blog
added 2025/11/19 1:0 p.m.8 views

Blueprint for Security: A Guide to Code, Governance, and Response Frameworks

Building a Foundation for Security and Compliance...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-2185

Malicious code in bioql PyPI...

8.2CVSS7.9AI score0.01855EPSS
Exploits0References8
HackRead
HackRead
added 2025/08/13 10:17 a.m.10 views

Tips for Transcribing Video with Technical Jargon

When it comes to transcribing videos, technical jargon can pose several challenges. However, with the right approach, you…...

7.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/08/12 8:18 p.m.13 views

Navigating the API Security Landscape: Your Definitive API Security Buyer’s Guide for 2025

APIs power today’s digital economy—connecting customers, partners, and internal services at breakneck speed. But with that agility comes risk: in 2024 alone, API vulnerabilities cost organizations a staggering$2.5 billion in remediation, fines, and lost revenue. As APIs proliferate, traditional...

7.3AI score
Exploits0
SUSE Linux
SUSE Linux
added 2025/07/23 12:41 p.m.8 views

Security update 5.0.5 for Multi-Linux Manager Client Tools

This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...

9.6CVSS7.5AI score0.00982EPSS
Exploits0References74
SUSE Linux
SUSE Linux
added 2025/02/14 7:20 a.m.6 views

Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...

5.7CVSS7.6AI score0.00172EPSS
Exploits0References34
OSV
OSV
added 2025/02/14 7:20 a.m.11 views

SUSE-SU-2025:0532-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: - Added Ism profile for OL8, OL9 - Added new product kylinserver10 - Created OL10 product - Release SLMicro5 product - Replaced two date injections by SOURCEDATEEPOCH to make reproducible...

5.7CVSS9.8AI score0.00172EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2025/02/14 7:19 a.m.6 views

Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...

5.7CVSS7.6AI score0.00172EPSS
Exploits0References34
Rows per page
Query Builder