CVE-2025-32029

ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 231 -- 232 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a...

CVE-2024-53982 Arbitrary file download in Zoo-Project Echo Example

ZOO-Project is a C-based WPS Web Processing Service implementation. A path traversal vulnerability was discovered in Zoo-Project Echo example. The Echo example available by default in Zoo installs implements file caching, which can be controlled by user-given parameters. No input validation is...

PT-2024-15671

Name of the Vulnerable Software and Affected Versions Microsoft Clarity plugin for WordPress versions up to, and including, 0.9.3 Description The issue is related to Cross-Site Request Forgery due to missing nonce validation on the edit clarity project id function. This allows unauthenticated...

CVE-2022-29213 Incomplete validation in signal ops leads to crashes in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d lack input validation and under certain condition can result in crashes due to CHECK-failures. Versions 2.9.0, 2.8.1, 2.7.2,...

CVE-2022-24711 Remote CLI Command Execution Vulnerability in CodeIgniter4

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerabilit...

CVE-2021-37663

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in tf.rawops.QuantizeV2, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. Th...

PYSEC-2021-286

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to BoostedTreesSparseCalculateBestFeatureSplit. The implementation needs to validate that...

VideoLAN VLC Media Player MKV Demuxer Code Execution

Added: 06/27/2011 CVE: CVE-2011-0531 BID: 46060 OSVDB: 70698 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VideoLan VLC 1.1.6.1 and earlier are vulnerable to a remote code execution vulnerability as a result of insufficien...

MS Windows (LegitCheckControl.dll) Genuine Advantage Validation Patch

No description provided by source. / Will be moved to tools section shortly /str0ke Name: Windows Genuine Advantage Validation Patch Copyright: NeoSecurityTeam Author: HaCkZaTaN [email protected] Date: 31/07/05 21:42 Description: LegitCheckControl.dll 1.3.254.0...

Microsoft Windows - LegitCheckControl.dll Genuine Advantage Validation Patch

Microsoft Windows - LegitCheckControl.dll Genuine Advantage Validation Patch / Will be moved to tools section shortly /str0ke Name: Windows Genuine Advantage Validation Patch Copyright: NeoSecurityTeam Author: HaCkZaTaN Date: 31/07/05 21:42 Description: LegitCheckControl.dll 1.3.254.0...