4564 matches found
ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +20747 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-java (>=2.0.3 <=3.16.1)
com.google.protobuf:protobuf-java MAVEN version =2.0.3, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.10 and more Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...
ai.bareun.tagger:bareun (>=1.0.0 <=1.4.1), ai.djl.serving:serving (=0.19.0) +3735 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-java (>=3.21.0-rc-1 <=3.21.6)
com.google.protobuf:protobuf-java MAVEN version =3.21.0-rc-1, =1.0.0, =3.42.0.2-1-3.4, =0.0.1, =22.3.2, =22.3.2, =22.3.2, =22.3.2, =1.0.0-beta01, =1.0.0-beta01, =1.0.0-beta06 - at.ac.ait.lablink.clients:universalapiclient =0.1.0 and more Source cves: CVE-2022-3171 Source advisory:...
PT-2022-34626 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.18 through v5.15.67 Description: The issue concerns absolute zero lowcore corruption on boot. It was introduced in version v3.18 and fixed in version v5.15.68. The actual impact and attack plausibility have not yet be...
PT-2023-6741 · Ibm +3 · Jsse +5
Name of the Vulnerable Software and Affected Versions: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE versions 8.0.7.0 through 8.0.7.11 Description: The issue is related to the use of flawed cryptographic algorithms in the Java Secure Socket Extension JSSE and IBMJCEPlus...
Hyperledger Besu 安全漏洞
Hyperledger Besu is an open source application from Hyperledger. It is used to run, maintain, debug and monitor nodes in the Ethernet network. A security vulnerability exists in Hyperledger Besu versions prior to 22.1.3 through 22.7.1, which stems from an error in its 32-bit signed and unsigned...
Parse Server 安全漏洞
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 4.10.15, 5.0.0 through 5.2.6. An attacker can use this vulnerability to assign a session object to his or her own user by writi...
PYSEC-2022-280
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint...
Cloudreve 跨站脚本漏洞
Cloudreve is Cloudreve open source a public cloud file system that supports multiple cloud storage drives. A cross-site scripting vulnerability exists in Cloudreve versions v1.0.0 through v3.5.3. The vulnerability stems from the discovery of a cross-site scripting XSS vulnerability via the file...
a2ml (>=1.0.20 <=1.0.55), accelerometer (>=4.2.1 <=7.0.0.dev0) +332 more potentially affected by CVE-2022-21797 via joblib (>=1.0.0 <=1.1.0a0)
joblib PYPI version =1.0.0, =1.0.20, =4.2.1, =1.0.88, =1.0.32, =1.3.0, =1.0.0, =0.20211108144632.0, =0.2.7, =0.1.0, =0.1.5, =0.53.0, =0.0.1, =1.0.1, =1.3.1 and more Source cves: CVE-2022-21797 Source advisory: SNYK:PYTHON-JOBLIB-3027033...
@appsocially/timepassport (>=0.1.2-0.1 <=0.1.29), @becompliancebr/shared-components (>=1.0.0 <=1.10.0) +74 more potentially affected by CVE-2022-25873 via vuetify (>=2.0.0 <=2.6.1)
vuetify NPM version =2.0.0, =0.1.2-0.1, =1.0.0, =1.2.5, =5.0.1-beta.0, =0.0.128, =0.0.101-beta.22, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.1.0, =0.1.1 - @een/cm-timeline-sdk =0.1.8 and more Source cves: CVE-2022-25873 Source advisory: OSV:GHSA-Q4Q5-C5CV-2P68...
CVE-2022-25873
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...
vuetify 跨站脚本漏洞
vuetify is a German vuetify open source material component framework for Vue. A security vulnerability exists in vuetify versions 2.0.0-beta.4 through 2.6.10, which stems from incorrect input cleanup in the "eventName" function of the VCalendar component...
@budibase/client (>=0.0.999-alpha.30 <=1.3.19-alpha.7), @budibase/frontend-core (>=0.0.1 <=1.3.19-alpha.7) +4 more potentially affected by CVE-2022-3225 via @budibase/bbui (>=0.0.1 <=1.3.19-alpha.7)
@budibase/bbui NPM version =0.0.1, =0.0.999-alpha.30, =0.0.1, =0.0.999-alpha.30, =0.9.1, =0.9.123, =0.9.124 - @operabuild/standard-components =0.9.124 Source cves: CVE-2022-3225 Source advisory: OSV:GHSA-X92G-49GH-63QM...
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access...
PT-2022-34505 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.12 through v4.14.290 Description: A memory leak issue has been identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v3.12 through v4.14.290, update...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35985 via tensorflow-cpu (>=1.15.0 <=2.7.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35985 Source advisory: OSV:GHSA-9942-R22V-78CP...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4899 more potentially affected by CVE-2022-35985 via tensorflow (>=1.0.1 <=2.7.1)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-35985 Source advisory: OSV:GHSA-9942-R22V-78CP...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35986 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35986 Source advisory: OSV:GHSA-WR9V-G9VF-C74V...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35989 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35989 Source advisory: OSV:GHSA-J43H-PGMG-5HJQ...
aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35974 via tensorflow (>=2.9.0 <=2.9.0rc2)
tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35974 Source advisory: OSV:GHSA-VGVH-2PF4-JR2X...