Lucene search
K

9 matches found

CVE
CVE
added 2026/06/14 11:30 p.m.18 views

CVE-2026-12193

VS Revo RevoUninstaller 2.5.x/2.6.x contains a heap-based overflow in IOCtl_Handler of RevoDetector.sys (IOCTL Handler). The vulnerability enables a local attack and is supported by publicly available exploit material. Upgrading to version 2.7.0 fixes the issue. If you rely on affected builds, ap...

8.5CVSS7.5AI score0.00142EPSS
Exploits0References10
Snyk
Snyk
added 2026/05/22 1:44 p.m.9 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the API request handlers due to insufficient validation of user-supplied input. An attacker can cause the plugin process to crash by sending a specially crafted HTTP request to the PR...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 2:51 p.m.3 views

GHSA-MF9V-MFXR-J63J urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/11 2:51 p.m.20 views

urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39666

Name of the Vulnerable Software and Affected Versions urllib3 versions 2.6.0 through 2.6.x Description An issue exists in the streaming API where the library may decompress an entire HTTP response instead of the requested portion. This occurs in two scenarios: during the second...

8.9CVSS5.7AI score0.0068EPSS
Exploits0References382
Vulnrichment
Vulnrichment
added 2023/08/23 3:37 p.m.14 views

CVE-2023-40273 Session fixation in Apache Airflow web interface

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

7.8AI score0.01366EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.7 views

PT-2021-23193 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow version 2.6.1 Description: TensorFlow is an open source platform for machine learning. The async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free due to...

7.8CVSS7.7AI score0.00204EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.4 views

PT-2021-23168 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: The Keras pooling layers in TensorFlow can trigger a segfault if the size of the...

6.8CVSS5.2AI score0.0023EPSS
Exploits1References16
Snyk
Snyk
added 2020/08/05 3:28 p.m.5 views

Cross-site Request Forgery (CSRF)

Overview pghero is a performance dashboard for Postgres. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. The Ruby gem is vulnerable with non-session based authentication methods like basic authentication - session-based authentication methods like Devise's...

8.1CVSS9.3AI score0.00465EPSS
Exploits0References2
Rows per page
Query Builder