22 matches found
Security Bulletin: IBM Content Navigator is affected by Apache Xerces2
Summary IBM Content Navigator is affected by multiple vulnerabilities in the Apache Xerces2 Java XML parser library. CVE-2009-2625 and CVE-2022-23437 describe infinite loop conditions triggered by malformed XML input, leading to application hang or denial of service. CVE-2012-0881 allows CPU...
Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of the crit header parameter. An attacker can bypass critical header checks by crafting a JSON Web Signature JWS token with unrecognized critical extensions. Po...
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
EUVD-2026-4680
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656
Concretely, CVE-2026-24656 affects Apache Karaf Decanter before 2.12.0, specifically the Decanter log socket collector that exposes port 4560 without authentication. If the collector exposes the allowed-classes property, this configuration can be bypassed, allowing deserialization of untrusted da...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to the arrayops.upperbound function. An attacker can cause a denial of service by providing input that is not a rank 2 tensor. Remediation Upgrade tensorflow-lite to version 2.15.0 or higher. Reference...
Incorrect Comparison
Overview Affected versions of this package are vulnerable to Incorrect Comparison. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a float pointer exception. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. References - GitHub Commit Credit: Wa...
Integer Overflow to Buffer Overflow
Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. PoC import urllib.request dat =...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder, because there is a bug with the tfg-translate call to InitMlir. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher...
PT-2023-20233
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11.1 TensorFlow versions prior to 2.12.0 Description TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. The issue is related to the...
PT-2022-11734 · Openmrs · Openmrs
Name of the Vulnerable Software and Affected Versions: OpenMRS openmrs-module-referenceapplication versions up to 2.11.x Description: A vulnerability was found in the function post of the file omod/src/main/java/org/openmrs/module/referenceapplication/page/controller/UserAppPageController.java of...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when SparseFillEmptyRowsGrad is given empty inputs. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow via tf.rawops.FusedResizeAndPadConv2D when a large tensor shape is given. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. References - GitHub Commit - Vulnerable Code Credit: Neophytos Christou from SSL ...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. This is vulnerable when an input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...