IBM Spectrum Copy Data Management 安全漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, is vulnerable to a phishing attack in IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0. The vulnerability stems from allowing pages linked to from...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A buffer error vulnerability exists in Google Chrome versions 90.0.4430.72 through 102.0.5005.63, which stems from the presence of a boundary condition in the synthesis component. A remote attacker could...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A resource management error vulnerability exists in Google Chrome versions 90.0.4430.72 through 102.0.5005.63, which stems from a boundary error in WebGL. A remote attacker could exploit this vulnerabilit...

com.farcsal.dql:query-es (=0.8.0), com.github.msarhan:elasticsearch-analysis-arabic (>=1.2.0 <=1.4.0) +15 more potentially affected by CVE-2022-23712 via org.elasticsearch:elasticsearch (>=8.0.0 <=8.2.0)

org.elasticsearch:elasticsearch MAVEN version =8.0.0, =1.2.0, =2.6.7, =8.9.0-alpha5, =8.9.0-alpha5, =0.83.0, =6.12, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.2.0, =8.19.16 - org.ff4j:ff4j-store-elastic =2.1 - org.opennms.elasticsearch:elasticsearch-drift-plugin-8.18.2 =2.0.7 and more Source cves...

PT-2022-10466 · Hitachi Energy · Txpert Hub Coretec 4

Name of the Vulnerable Software and Affected Versions: Hitachi Energy TXpert Hub CoreTec 4 versions 2.0.0 through 2.2.1 Description: A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the...

semver-regex 安全漏洞

npm semver-regex is a regular expression used to match semver versions. semver-regex versions prior to 3.1.4 and versions 4.0.0 inclusive through 4.0.2 have a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited to cause a denial of...

Chat Server 输入验证错误漏洞

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supporting high availability, high throughput, and horizontal scaling. An input validation error vulnerability exists in Chat Server versions 2.3.2 through 2.6.0, which stems from the application havi...

GHSA-G954-5HWP-PP24 Prototype Pollution in protobufjs

The package protobufjs is vulnerable to Prototype Pollution, which can allow an attacker to add/modify properties of the Object.prototype. Versions after and including 6.10.0 until 6.10.3 and after and including 6.11.0 until 6.11.3 are vulnerable. This vulnerability can occur in multiple ways: 1...

@chainsafe/lodestar-cli (>=0.12.0 <=0.28.2-dev.18) potentially affected by CVE-2022-29219 via @chainsafe/lodestar (>=0.12.0 <=0.28.2-dev.18)

@chainsafe/lodestar NPM version =0.12.0, =0.12.0, =0.28.2-dev.18 Source cves: CVE-2022-29219 Source advisory: OSV:GHSA-CVJ7-5F3C-9VG9...

00-merlin-hu-mcpdemo-pipy (>=0.1.0 <=0.1.1), 00-renjing-mcp-server-pypi (=0.1.0) +37574 more potentially affected by CVE-2022-29217 via pyjwt (>=1.5.0 <=2.3.0)

pyjwt PYPI version =1.5.0, =0.1.0, =0.1.0, =0.1.6, =0.1.2, =0.1.1, =0.1.0, =0.1.0, =0.6.1 and more Source cves: CVE-2022-29217 Source advisory: OSV:GHSA-FFQJ-6FQR-9H24...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-29216 via tensorflow-cpu (>=1.15.0 <=2.5.3)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-29216 Source advisory: OSV:GHSA-75C9-JRH4-79MC...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by CVE-2022-29208 via tensorflow (>=1.0.1 <=2.6.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-29208 Source advisory: OSV:GHSA-2R2F-G8MW-9GVR...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-29206 via tensorflow-cpu (>=1.15.0 <=2.5.3)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-29206 Source advisory: OSV:GHSA-RC9W-5C64-9VQQ...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +176 more potentially affected by CVE-2022-29206 via tensorflow-gpu (>=1.10.1 <=2.6.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29206 Source advisory: OSV:GHSA-RC9W-5C64-9VQQ...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29202 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29202 Source advisory: OSV:GHSA-CWPM-F78V-7M5C...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-29202 via tensorflow-cpu (>=1.15.0 <=2.5.3)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-29202 Source advisory: OSV:GHSA-CWPM-F78V-7M5C...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +176 more potentially affected by CVE-2022-29200 via tensorflow-gpu (>=1.10.1 <=2.6.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29200 Source advisory: OSV:GHSA-2VV3-56QG-G2CF...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by CVE-2022-29199 via tensorflow (>=1.0.1 <=2.6.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-29199 Source advisory: OSV:GHSA-P9RC-RMR5-529J...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by CVE-2022-29196 via tensorflow (>=2.7.0 <=2.7.1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-29196 Source advisory: OSV:GHSA-5V77-J66X-4C4G...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-29195 via tensorflow-cpu (>=1.15.0 <=2.5.3)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...