PT-2022-33832 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue concerns an optimization in clearing the pending PMI and removal of a WARN ON for PMI check in power pmu disable. The actual impact and attack plausibility have not yet been prove...

clip-jax (=0.0.5) potentially affected by CVE-2022-35983 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35983 Source advisory: OSV:GHSA-M6VP-8Q9J-WHX4...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35959 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35959 Source advisory: OSV:GHSA-WXJJ-CGCX-R3VQ...

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-35941 via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-MQW5...

CVE-2021-42597

A Cross Site Scripting XSS vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10 , Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form...

CVE-2021-42597

A Cross Site Scripting XSS vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10 , Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form...

Cross site scripting

A Cross Site Scripting XSS vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10 , Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form...

CVE-2021-42597

CVE-2021-42597 affects Sourcecodester Storage Unit Rental Management System (SURMS) v1.0 running on PHP 8.0.10 with Apache 2.4.14. A Cross-Site Scripting (XSS) vulnerability exists via the Add New Tenant List Rent List form. Exploitation details are not provided beyond the XSS indication; no reme...

CVE-2022-22105

CVE-2022-22105 describes a memory corruption vulnerability in Bluetooth caused by an integer overflow when processing the HFP-UNIT profile. Affected are Qualcomm Snapdragon devices across multiple lines (Auto, Consumer IoT, Mobile, Voice & Music). Root cause: integer overflow in the HFP-UNIT hand...

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. The Qualcomm chip has an input validation error vulnerability tha...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the GPU kernel failing to assert when tf.linalg.matrixrank receives a null input a, which can be used to trigger a denial-of-servic...

PT-2022-23087 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the MaxPool function receives a window size input array...

Storage Unit Rental Management System 跨站脚本漏洞

Sourcecodester Storage Unit Rental Management System is a storage unit rental management system that helps manage storage unit rental business records and monitor their records. A security vulnerability exists in Storage Unit Rental Management System version v1.0. An attacker could exploit this...

kernel: KVM: x86/mmu: make apf token non-zero to fix bug

A hang vulnerability is possible in the Linux kernel in arch/x86/kvm/mmu/mmu.c. This issue may lead to compromised availability...

GHSA-V62J-CXHH-FQ22 graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources

graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4...

China Accuses NSA's TAO Unit of Hacking its Military Research University

China has accused the U.S. National Security Agency NSA of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi'an in June 2022. The National Computer Virus Emergency Response Centre NCVERC disclosed its...

PT-2022-6750

Name of the Vulnerable Software and Affected Versions Python versions prior to 3.11.1 Python versions prior to 3.10.9 Python versions prior to 3.9.16 Python versions prior to 3.8.16 Python versions prior to 3.7.16 Description An issue exists in the IDNA RFC 3490 decoder, where an unnecessary...

Hitachi Energy RTU500 安全漏洞

RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A buffer overflow vulnerability exists in the Hitachi Energy RTU500 series CMU firmware HCI Modbus TCP function. The vulnerability, which originates when HCI Modbus TCP is enabled a...

CVE-2020-1756

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool...

CVE-2020-1756

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool...