Lucene search
K
GithubMost viewed

33225 matches found

Github Security Blog
Github Security Blog
•added 2021/08/25 2:39 p.m.•47 views

FPE in LSH in TFLite

Impact An attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. cc int RunningSignBitconst TfLiteTensor input, const TfLiteTensor weight, float seed int inputitembytes = input-bytes / SizeOfDimensioninput, 0; // ... There is no check that the first...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/06/29 9:25 p.m.•47 views

Cross-site scripting in Dutchcoders transfer.sh

Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view...

6.1CVSS4.2AI score0.01009EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/21 5:9 p.m.•47 views

Automatic room upgrade handling can be used maliciously to bridge a room non-consentually

Impact If a bridge has room upgrade handling turned on in the configuration the roomUpgradeOpts key when instantiating a new Bridge instance., any m.room.tombstone event it encounters will be used to unbridge the current room and bridge into the target room. However, the target room m.room.create...

6.5CVSS0.6AI score0.00936EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:18 p.m.•47 views

Expression Language Injection in Apache Syncope

A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution RCE vulnerability. Apache Syncope uses Java Bean Validation JSR 380 custom constraint validators. When...

9.8CVSS9.8AI score0.04821EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:10 p.m.•47 views

Cross-site scripting in Jenkins Kiuwan Plugin

Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability. Only older releases of Jenkins are affected by this vulnerability. Jenkins 2.275 and newer, LTS 2.263.2 and...

6.1CVSS5.6AI score0.01216EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/15 4:10 p.m.•47 views

Insufficiently random values in Ansible

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords a...

5.5CVSS2.4AI score0.00435EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 8:12 p.m.•47 views

SQL Injection in tribalsystems/zenario

SQL Injection in the "adminboxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to obtain sesnitive database information by injecting SQL commands into the "cID" parameter when creating a new HTML component...

4.9CVSS4.2AI score0.01327EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 8:10 p.m.•47 views

Cross-site Scripting (XSS) in baserCMS

Improper neutralization of JavaScript input in the page editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors...

5.4CVSS5.6AI score0.00731EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/21 2:31 p.m.•47 views

Legacy Node API Allows Impersonation in github.com/spiffe/spire/pkg/server/endpoints/node

Summary In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API github.com/spiffe/spire/pkg/server/endpoints/node can result in the possible issuance of an X.509 certificate with a URI...

8.1CVSS7.8AI score0.00558EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/21 2:28 p.m.•47 views

Division by zero in TFLite's implementation of hashtable lookup

Impact The TFLite implementation of hashtable lookup is vulnerable to a division by zero error: cc const int numrows = SizeOfDimensionvalue, 0; const int rowbytes = value-bytes / numrows; An attacker can craft a model such that values's first dimension would be 0. Patches We have patched the issu...

5.5CVSS2.1AI score0.00189EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:28 p.m.•47 views

Integer overflow in TFLite concatentation

Impact The TFLite implementation of concatenation is vulnerable to an integer overflow issue: cc for int d = 0; d dims-size; ++d if d == axis sumaxis += t-dims-dataaxis; else TFLITEENSUREEQcontext, t-dims-datad, t0-dims-datad; An attacker can craft a model such that the dimensions of one of the...

7.1CVSS2.1AI score0.00192EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:28 p.m.•47 views

Division by zero in TFLite's implementation of `OneHot`

Impact The implementation of the OneHot TFLite operator is vulnerable to a division by zero error: cc int prefixdimsize = 1; for int i = 0; i dims-datai; const int suffixdimsize = NumElementsopcontext.indices / prefixdimsize; An attacker can craft a model such that at least one of the dimensions ...

7.8CVSS2.4AI score0.00201EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:26 p.m.•47 views

CHECK-fail due to integer overflow

Impact An attacker can trigger a denial of service via a CHECK-fail in caused by an integer overflow in constructing a new tensor shape: python import tensorflow as tf inputlayer = 260-1 sparsedata = tf.rawops.SparseSplit splitdim=1, indices=0, 0, 0, 1, 0, 2, 4, 3, 5, 0, 5, 1, values=1.0, 1.0, 1....

5.5CVSS4AI score0.00189EPSS
Exploits1References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:26 p.m.•47 views

Heap buffer overflow in `MaxPoolGrad`

Impact The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow: python import tensorflow as tf originput = tf.constant0.0, shape=1, 1, 1, 1, dtype=tf.float32 origoutput = tf.constant0.0, shape=1, 1, 1, 1, dtype=tf.float32 grad = tf.constant, shape=0, 0, 0, 0,...

7.8CVSS1.3AI score0.00214EPSS
Exploits1References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/18 9:7 p.m.•47 views

github.com/tidwall/gjson is vulnerable to Denial of service

GJSON 1.6.5 allows attackers to cause a denial of service remote via crafted JSON...

7.5CVSS7.2AI score0.0182EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/18 6:27 p.m.•47 views

SQL Injection in Cloud Native Computing Foundation Harbor

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform...

7.2CVSS4.3AI score0.02104EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/07 3:50 p.m.•47 views

Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet

Impact A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. Patches Version 0.31.0 restricts websocket frame to reasonable limits. Workarounds Restricting memory usa...

5.3CVSS1.5AI score0.01807EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 6:11 p.m.•47 views

Prototype Pollution in deeps

All versions of package deeps up to and including version 1.4.5 are vulnerable to Prototype Pollution via the set function...

9.8CVSS9AI score0.01916EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/30 5:30 p.m.•47 views

Cross-site scripting (XSS) from unsanitized uploaded SVG files in Kirby

Impact An editor with write access to the Kirby Panel can upload an SVG or XML file that contains harmful content like tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby, the script wi...

7.6CVSS5.7AI score0.03174EPSS
Exploits4References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/20 4:13 p.m.•47 views

Open Redirect in autobahn

Autobahn|Python before 20.12.3 allows redirect header injection...

6.1CVSS6.9AI score0.01425EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/19 3:12 p.m.•47 views

VVE-2021-0001: Memory corruption using function calls within arrays

Impact When performing a function call inside an array, there is a memory corruption issue that occurs because of an incorrect pointer to the the tip of the stack. Patches This issue was partially fixed in VVE-2020-0004, however the fix did not update similar code for arrays, which had a similar...

2.5AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/13 3:32 p.m.•47 views

Arbitrary code execution in kill-by-port

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

8.8CVSS4.3AI score0.01765EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/13 3:30 p.m.•47 views

Path Traversal in node-red-contrib-huemagic

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

7.5CVSS7.3AI score0.09331EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/13 3:20 p.m.•47 views

Prototype Pollution in iniparserjs

This affects all versions of package iniparserjs. This vulnerability relates when iniparser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

6.8CVSS4AI score0.00982EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/12 7:50 p.m.•47 views

Command Injection in async-git

The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters back-ticks. For example: git.reset'atouch HACKEDb'...

9.8CVSS9.4AI score0.02549EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 9:0 p.m.•47 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916...

7.6CVSS2.6AI score0.09215EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:55 p.m.•47 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335...

7.6CVSS2.6AI score0.09509EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 6:25 p.m.•47 views

Insecure temporary file in Netflix OSS Hollow

ID: NFLX-2021-001 Title: Local information disclosure in Hollow Release Date: 2021-03-23 Credit: Security Researcher @JLLeitschuh Overview Security researcher @JLLeitschuh reported that Netflix Hollow a Netflix OSS project available here: https://github.com/Netflix/hollow writes to a local...

4.4CVSS4.2AI score0.00243EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/22 11:29 p.m.•47 views

XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

9.8CVSS2AI score0.14301EPSS
Exploits1References17Affected Software1
Github Security Blog
Github Security Blog
•added 2021/02/26 7:53 p.m.•47 views

PHP Code Injection by malicious function name in smarty

Template authors could inject php code by choosing a malicous function name. Sites that cannot fully trust template authors should update as soon as possible. Please upgrade to 3.1.39 or higher...

9.8CVSS2.1AI score0.82316EPSS
Exploits1References12Affected Software1
Github Security Blog
Github Security Blog
•added 2020/10/01 5:16 p.m.•47 views

Environment Variable Injection in GitHub Actions

Impact The @actions/core npm module addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modifie...

5CVSS3.7AI score0.01501EPSS
Exploits2References4Affected Software1
Github Security Blog
Github Security Blog
•added 2020/09/25 6:28 p.m.•47 views

Segfault in Tensorflow

Impact In eager mode, TensorFlow does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference:...

5.3CVSS1.5AI score0.00903EPSS
Exploits1References9Affected Software3
Github Security Blog
Github Security Blog
•added 2020/09/25 6:28 p.m.•47 views

Heap buffer overflow in Tensorflow

Impact The implementation of SparseFillEmptyRowsGrad uses a double indexing pattern: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/sparsefillemptyrowsop.ccL263-L269 It is possible for reverseindexmapi to be an index outside of bound...

8.8CVSS1.4AI score0.00938EPSS
Exploits1References9Affected Software3
Github Security Blog
Github Security Blog
•added 2020/09/25 6:28 p.m.•47 views

Memory corruption in Tensorflow

Impact The implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor:...

7.1CVSS2.4AI score0.00681EPSS
Exploits1References9Affected Software3
Github Security Blog
Github Security Blog
•added 2020/09/25 6:28 p.m.•47 views

Denial of Service in Tensorflow

Impact The RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure:...

5.9CVSS1.3AI score0.00805EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2020/09/11 9:22 p.m.•47 views

Cross-Site Scripting in swagger-ui

Versions of swagger-ui prior to 2.2.1 are vulnerable to Cross-Site Scripting XSS. The package fails to encode output in GET requests. The request is meant to respond with Content-Type application/json which does not trigger the vulnerability but if the web server changes the header to text/html i...

3.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2020/09/04 3:11 p.m.•47 views

Regular Expression Denial of Service in markdown

All versions of markdown are vulnerable to Regular Expression Denial of Service ReDoS. The markdown.toHTML function has significantly degraded performance when parsing long strings containing underscores. This may lead to Denial of Service if the parser accepts user input. Recommendation No fix i...

4.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
•added 2020/09/03 9:16 p.m.•47 views

Path Traversal in decompress

Versions of decompress prior to 4.2.1 are vulnerable to Arbitrary File Write. The package fails to prevent extraction of files with relative paths, allowing attackers to write to any folder in the system by including filenames containing../. Recommendation Upgrade to version 4.2.1 or later...

9.8CVSS5.2AI score0.02147EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2020/07/30 2:58 p.m.•47 views

False-positive validity for NFT1 genesis transactions

Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...

7.5CVSS0.9AI score0.01036EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2020/07/29 4:15 p.m.•47 views

Exposure of Sensitive Information to an Unauthorized Actor in TYPO3 CMS

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C 7.5 CWE-20, CWE-200 Problem In case an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case the internal encryptionKey was...

8.1CVSS0.9AI score0.01782EPSS
Exploits1References6Affected Software2
Github Security Blog
Github Security Blog
•added 2020/07/27 9:52 p.m.•47 views

Out-of-bounds reads in Pillow

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

5.5CVSS6AI score0.01468EPSS
Exploits0References26Affected Software1
Github Security Blog
Github Security Blog
•added 2020/07/27 9:52 p.m.•47 views

Out-of-bounds reads in Pillow

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file...

5.5CVSS5.8AI score0.0142EPSS
Exploits0References15Affected Software1
Github Security Blog
Github Security Blog
•added 2020/07/27 4:57 p.m.•47 views

Multiple stored XSS in RBAC Admin screens in Apache Airflow

An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks...

5.4CVSS4AI score0.01251EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2020/07/07 4:32 p.m.•47 views

XXE attack in Mapfish Print

Impact A user can do to an XML External Entity XXE attack with the provided SDL style. Patches Use version = 3.24 Workarounds No References https://cwe.mitre.org/data/definitions/611.html https://github.com/mapfish/mapfish-print/pull/1397/commits/e1d0527d13db06b2b62ca7d6afb9e97dacd67a0e For more...

9.3CVSS8.8AI score0.01342EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
•added 2019/05/14 4:2 a.m.•47 views

Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ?startingWith?, ?endingWith? or ?containing? could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...

5.3CVSS2.6AI score0.01087EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2019/03/25 4:17 p.m.•47 views

Improper Input Validation python-gnupg

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...

7.5CVSS4.5AI score0.08548EPSS
Exploits2References15Affected Software1
Github Security Blog
Github Security Blog
•added 2019/03/14 3:40 p.m.•47 views

org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation

Apache Hive JDBC + HiveServer2 implements SSL for plain TCP and HTTP connections it supports both transport modes. While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be verifying the common name...

7.5CVSS0.7AI score0.01006EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
•added 2019/02/12 5:26 p.m.•47 views

Critical severity vulnerability that affects Haraka

Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection...

9.8CVSS2.6AI score0.13377EPSS
Exploits4References3Affected Software1
Github Security Blog
Github Security Blog
•added 2018/12/21 5:48 p.m.•47 views

Improper Authentication in Keycloak

The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack...

8.1CVSS3.9AI score0.00814EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
•added 2018/12/14 6:51 p.m.•47 views

Buffer Overflow in pycrypto

Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py...

9.8CVSS7.8AI score0.09501EPSS
Exploits1References10Affected Software1
Total number of security vulnerabilities5000