106 matches found
Intel® XMM™ 7560 Modem Software Advisory
Summary: Potential security vulnerabilities in some Intel® XMM™ 7560 Modem software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-26513 Description: Out-of-bounds write in some IntelR XMMT...
CVE-2022-33683 Disabled Certificate Validation makes Broker, Proxy Admin Clients vulnerable to MITM attack
Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when tlsAllowInsecureConnection is disabled via configuration. The Pulsar Admin Client's intra-cluster and geo-replication HTTPS connections are vulnerable to man in the middl...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35979 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35979 Source advisory: OSV:GHSA-V7VW-577F-VP8X...
co.fs2:fs2-protocols_sjs1_2.13 (>=3.1-2-8dabe12 <=3.2.10), com.armanbilge:feral-lambda-api-gateway-proxy-http4s_sjs1_2.13 (>=0.1-2f94f32 <=0.1-f497734) +27 more potentially affected by CVE-2022-31183 via co.fs2:fs2-io_sjs1_2.13 (>=3.1.0 <=3.2-10-421c242)
co.fs2:fs2-iosjs12.13 MAVEN version =3.1.0, =3.1-2-8dabe12, =0.1-2f94f32, =0.1-2f94f32, =0.18.3, =0.18.3, =0.0.5, =0.0.1, =0.1.0, =0.0.1, =6.0.0, =0.23.5, =0.23.5, =1.0.0-M29 and more Source cves: CVE-2022-31183 Source advisory: OSV:GHSA-2CPX-6PQP-WF35...
2app (>=1.0.0 <=1.2.8), 2fa-cli (>=1.0.0 <=1.0.4) +4339 more potentially affected by CVE-2022-22912 via plist (>=0.2.1 <=3.0.4)
plist NPM version =0.2.1, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =1.0.0, =0.0.1-beta.0, =0.0.1, =0.0.12, =0.1.1, =1.0.0, =0.20.0, =0.21.1 - @allroundexperts/rn-swiper =1.0.1 and more Source cves: CVE-2022-22912 Source advisory: OSV:GHSA-4CPG-3VGW-4877...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-21734 via tensorflow (>=2.7.0 <=2.7.0rc1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-21734 Source advisory: OSV:GHSA-GCVH-66FF-4MWM...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +35 more potentially affected by CVE-2021-41205 via tensorflow (>=2.6.0 <=2.6.0rc2)
tensorflow PYPI version =2.6.0, =0.0.2, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =0.1.5, =0.2.1 and more Source cves: CVE-2021-41205 Source advisory: OSV:GHSA-49RX-X2RW-PC6F...
accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +110 more potentially affected by CVE-2021-37665 via tensorflow (>=2.3.0 <=2.3.2)
tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-37665 Source advisory: OSV:PYSEC-2021-287...
deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-37680 via tensorflow-gpu (>=2.3.0 <=2.3.2)
tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-37680 Source advisory: OSV:PYSEC-2021-791...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29571 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29571 Source advisory: OSV:GHSA-WHR9-VFH2-7HM6...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29523 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29523 Source advisory: OSV:GHSA-2CPX-427X-Q2C6...
accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +110 more potentially affected by CVE-2021-29583 via tensorflow (>=2.3.0 <=2.3.2)
tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-29583 Source advisory: OSV:PYSEC-2021-220...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +98 more potentially affected by CVE-2021-29617 via tensorflow-cpu (>=1.15.0 <=2.2.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.0.1, =0.3.3 and more Source cves: CVE-2021-29617 Source advisory: OSV:PYSEC-2021-545...
com.chaochaogege:hotelapi (>=0.0.1 <=0.0.2), com.chaochaogege:ujnbsapi (>=0.0.3 <=0.0.5) +14 more potentially affected by CVE-2020-35217 via io.vertx:vertx-web (>=4.0.0-milestone1 <=4.0.0-milestone4)
io.vertx:vertx-web MAVEN version =4.0.0-milestone1, =0.0.1, =0.0.3, =0.2.0, =0.2.0, =0.2.0, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone1, =4.0.0-milestone4 and more Source...
accession (>=1.9.0 <=3.11.0), agutil (>=2.0.0 <=4.1.1) +178 more potentially affected by CVE-2020-25658 via rsa (>=3.1.4 <=4.6.0)
rsa PYPI version =3.1.4, =1.9.0, =2.0.0, =0.1.2, =2.0.1, =0.1.0, =0.1.0, =0.4.1, =0.2.2, =0.0.22, =2.0.0, =0.10.0, =1.0.0, =1.7.35, =1.19.40 - awsegy =0.1.4 and more Source cves: CVE-2020-25658 Source advisory: OSV:PYSEC-2020-100...
CVE-2020-3284 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability
A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...
CLI-game-of-life (=0.1.0), RustyBox (=0.1.0) +1539 more potentially affected by CVE-2020-35922 via mio (=0.7.14)
mio CARGO version =0.7.14 is affected by a known vulnerability. The following packages have a transitive dependency on mio and may be impacted: - CLI-game-of-life =0.1.0 - RustyBox =0.1.0 - RustyVault =0.1.0, =0.1.0, =2.0.0-beta.1, =0.1.0, =0.9.0, =0.9.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0 and more...
ai4bharat-transliteration (>=1.1.0 <=1.1.3), aipack (>=0.0.1 <=0.0.5) +52 more potentially affected by CVE-2020-15205 via tensorflow (>=2.0.0 <=2.0.1)
tensorflow PYPI version =2.0.0, =1.1.0, =0.0.1, =0.1.3.2, =0.2.6, =0.2.0, =0.0.2, =1.0.0.1, =0.0.1, =1.0.4, =0.6.0.post3, =0.1.3, =1.0.0, =1.0.1 and more Source cves: CVE-2020-15205 Source advisory: OSV:PYSEC-2020-128...
Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN EAPOL...
ahserver (>=1.0.1 <=1.2.0), aiohttp-admin (>=0.1.0a0 <=0.1.0a3) +62 more potentially affected by CVE-2018-1000519 via aiohttp-session (>=0.8.0 <=2.1.0)
aiohttp-session PYPI version =0.8.0, =1.0.1, =0.1.0a0, =1.0.0, =0.0.1, =1.4.0, =0.3.0, =0.4.3, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =22.3.0, =0.0.1, =0.0.2 and more Source cves: CVE-2018-1000519 Source advisory: OSV:PYSEC-2018-80...