EUVD-2025-31122

Malicious code in bioql PyPI...

User Enumeration

mautic/core is vulnerable to user enumeration. The vulnerability is due to differing response times between valid and invalid usernames, which allows an attacker to enumerate valid accounts and subsequently attempt brute-force attacks...

SUSE CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

CVE-2023-53496 x86/platform/uv: Use alternate source for socket to node data

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...

CVE-2025-59941 go-f3 is Vulnerable to Cached Justification Verification Bypass

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.8 and below, go-f3's justification verification caching mechanism has a vulnerability where verification results are cached without properly considering the context of the message. An attacker can bypass...

Observable Discrepancy

Overview Affected versions of this package are vulnerable to Observable Discrepancy in the authentication process, when Multi-Attribute Login is enabled. An attacker can determine the existence of valid usernames by observing distinct error messages returned by the system in response to login...

PT-2025-39521

Name of the Vulnerable Software and Affected Versions WSO2 products affected versions not specified Description A username enumeration issue exists when Multi-Attribute Login is enabled. The system provides a different response for existing and non-existing usernames, regardless of the validate...

PT-2025-39669

Name of the Vulnerable Software and Affected Versions Aranda PassRecovery version 1.0 Description An issue allows attackers to enumerate valid user accounts in Active Directory. This is achieved by sending a crafted POST request to the /user/existdirectory/1 API endpoint. The POST request allows...

CVE-2025-20312

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when parsing a specific SNMP...

Allocation of Resources Without Limits or Throttling

Overview tensorflow is a machine learning framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the tf.keras.layers.Conv2D function when the padding parameter is set to 'valid'. An attacker can cause the application to crash or...

DEBIAN-CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

UBUNTU-CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

CVE-2025-10943 MikeCen WeChat-Face-Recognition wx.php valid cross site scripting

A security flaw has been discovered in MikeCen WeChat-Face-Recognition up to 6e3f72bf8547d80b59e330f1137e4aa505f492c1. This vulnerability affects the function valid of the file wx.php. The manipulation of the argument echostr results in cross site scripting. The attack can be launched remotely...

CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

TensorFlow 安全漏洞

TensorFlow is a suite of end-to-end open source platforms for machine learning open-sourced by TensorFlow. A security vulnerability exists in TensorFlow version v2.18.0, which stems from a denial of service attack when padding is set to VALID in tf.keras.layers.Conv2D...

CVE-2025-55559

TensorFlow v2.18.0 has a DoS in tf.keras.layers.Conv2D when padding is set to 'valid'. The issue is tied to the padding handling in Conv2D, with no explicit exploit details provided in the connected documents. Practical impact is Denial of Service (availability) as per the CVE metrics; the precis...

PT-2025-39417

Name of the Vulnerable Software and Affected Versions TensorFlow version 2.18.0 Description A Denial of Service DoS issue exists in TensorFlow. Specifically, the problem occurs within the tf.keras.layers.Conv2D layer when the padding parameter is set to 'valid'. This configuration can lead to a...

CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...