PYSEC-2021-253

TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...

PYSEC-2021-742

TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...

Command Execution Vulnerability in WeCenter of Anhui Simplify Information Technology Co.

WeCenter is an open source program for building knowledge communities. Anhui Simplify Information Technology Co., Ltd WeCenter has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Command Execution Vulnerability in WeCenter of Anhui Simplify Information Technology Co. Ltd (CNVD-2021-33411)

WeCenter is an open source program for building knowledge communities. Anhui Simplify Information Technology Co., Ltd WeCenter has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Linux-Evil-Toolkit - A Framework That Aims To Centralize, Standardize And Simplify The Use Of Various Security Tools For Pentest Professionals

Linux evil toolkit is a framework that aims to centralize, standardize and simplify the use of various security tools for pentest professionals. LETK Linux evil toolkit has few simple commands, one of which is the INIT that allows you to define a target, and thus use all the tools without typing...

Cloud Security Gaps and Misconfigurations

Listen to this podcast from “The SecureWorld Sessions” to learn how to discover the security gaps and misconfigurations that may be lurking in your infrastructure after migrating to the cloud, and how you can simplify your security...

systemd security, bug fix, and enhancement update

239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...

Automattic: Timing attack woocommerce, simplify commerce gateway

file class-wc-gateway-simplify-commerce.php method returnhandler e.g. where woocommerce marks the order regarding its payment / transaction. public function returnhandler @obclean; header 'HTTP/1.1 200 OK' ; if isset $REQUEST'reference' && isset $REQUEST'paymentId' && isset $REQUEST'signature'...

Generic Android Deobfuscator: Simplify

Simplify uses a virtual machine to execute an app and understand what it does. Then, it applies optimizations to create code that behaves identically but is easier for a human to understand. It is a generic deobfuscator because it doesn’t need any special configuration or code for different types...

Platinum SDK Library post upnp sscanf Buffer Overflow Vulnerability

No description provided by source. / -POC CODE Remote Buffer Overflow - ========================================================================= ! Exploit Title: Platinum SDK library post upnp sscanf buffer overflow ! ========================================================================= Date...

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0777-1)

java-160-openjdk was updated to 1.12.5 bnc817157 - Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework...

SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk)

Check for the Version of java-160-openjdk OpenVAS Vulnerability Test $Id: gbsuse201211751.nasl 8295 2018-01-05 06:29:18Z teissa $ SuSE Update for java-160-openjdk openSUSE-SU-2012:1175-1 java-160-openjdk Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...

java-1_6_0-openjdk: icedtea-web update to 1.11.4 (bnc#) (critical)

The icedtea-web Java plugin was updated to 1.11.4 to fix critical security issues: Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references OpenJDK - S7182135: Impossible to use some editors directly -...

Platinum SDK Library post upnp sscanf Buffer Overflow Vulnerability

Exploit for windows platform in category dos / poc =================================================================== Platinum SDK Library post upnp sscanf Buffer Overflow Vulnerability =================================================================== / -POC CODE Remote Buffer Overflow -...