CVE-2026-20223 Cisco Secure Workload Unauthorized API Access Vulnerability

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...

EspoCRM 注入漏洞

EspoCRM is an open source web-based customer relationship management CRM system from EspoCRM Open Source. The system provides features such as sales automation, community and customer support. An injection vulnerability exists in EspoCRM 9.1.6 and earlier versions, which stems from insufficient...

CVE-2021-25845

Improper validation of the ChassisID TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a NULL pointer dereference via a crafted lldp packet...

CVE-2023-31442

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...

CVE-2022-29204 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...

CVE-2022-29196 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.Conv3DBackpropFilterV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...

CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

CVE-2022-29194 Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.DeleteSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...

Exploit for CVE-2019-6329

Local Privilege Escalation in HP Support Assistant A local pri...

Unspecified Vulnerability in Adobe Premiere Clip

Adobe Premiere Clip app for iOS is a free video clipping app for iOS from the American company Audobee Adobe. A security vulnerability exists in Adobe Premiere Clip app for iOS versions prior to 1.2.1. An attacker can exploit the vulnerability to bypass application filters and service validation...

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...