16 matches found
LDAP Injection
Overview org.apache.shiro:shiro-core is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Affected versions of this package are vulnerable to LDAP Injection in the DefaultLdapRealm class. An attacker can bypass...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the improper enforcement of access controls in the ReadAll and GetTaskAttachment processes. An attacker can gain unauthorized access to and delete file attachments across all...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the DownloadImage function when processing user avatar URLs from OpenID Connect authentication. An attacker can cause the server to make arbitrary HTTP requests to internal or cloud metadata endpoint...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the ReadOne process. An attacker can gain unauthorized access to and delete files belonging to other users by supplying their own accessible task ID along with a target attachment...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the DownloadFile and DownloadFileWithHeaders functions. An attacker can cause the server to make arbitrary HTTP requests to internal network resources by supplying crafted URLs during the migration...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the DownloadFile and DownloadFileWithHeaders functions. An attacker can cause the server to make arbitrary HTTP requests to internal network resources by supplying crafted URLs during the migration...
Missing Authentication for Critical Function
Overview frosh/adminer-platform is an Adminer for Shopware Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Adminer route configuration, which does not enforce session validation. An attacker can gain unauthorized access to sensitive...
Race Condition
Overview lifx-async is an A modern, type-safe, async Python library for controlling LIFX lights Affected versions of this package are vulnerable to Race Condition due to improper synchronization in concurrent request handling within the network module. The package fails to implement adequate...
Security Bulletin: Buffer Over-read in PostgreSQL GB18030 Encoding Validation Leading to Potential DoS , affects watsonx.data
Summary Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9,...
Memory Allocation with Excessive Size Value
Overview isc.org/stork/backend/server/restservice is an open source ISC project providing a monitoring application and dashboard for ISC Kea DHCP and eventually ISC BIND 9. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the http.Handler functio...
Security Bulletin: Logrus is vulnerable to a denial of service, caused by a flaw in the bufio.Scanner log writer., which affects IBM watsonx.data
Summary Logrus is vulnerable to a denial of service, caused by a flaw in the bufio.Scanner log writer. By logging more than 64kb of data in a single entry without newlines, a local attacker could exploit this vulnerability to cause a denial of service. These can affect watsonx.data. Vulnerability...
Security Bulletin: VInsecure Default Permissions in Apache Hadoop's RunJar.run() Expose Sensitive Data in Shared Temporary Directory, which affects IBM watsonx.data
Summary Apache Hadoop's RunJar.run does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. This is because, on unix-like systems, the system temporary directory is shared between all...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the getLast API when processing user-supplied table names. An attacker can execute arbitrary SQL statements on the underlying database by sending crafted API requests, potentially resulting in data theft, corruption,...
SUSE CVE-2020-15210
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b a...
PT-2020-14283 · Google · Tensorflow Lite
Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows models using segment sum to trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment...
PT-2020-14263 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The issue occurs when a user passes a list of strings to dlpack.to dlpack, resulting in a memory leak following an expected validation failure. This happens...