7044 matches found
pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames
Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...
Pyload Insufficient Session Expiration vulnerability
Pyload 0.5.0b3.dev35 has an Insufficient Session Expiration vulnerability. A patch is available and anticipated to be part of version 0.5.0b3.dev36...
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the...
pgadmin4 vulnerable to Code Injection
The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to...
OpenStack Kolla sudo privilege escalation vulnerability
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...
OS Command Injection in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbtrary files in the task execution context, without write access to DAG files. This issue affects Spark Provider...
Terms and Conditions Module vulnerable to Open Redirect
A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading...
OS Command Injection in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...
Graphite Web Cross-site Scripting vulnerability
A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
pyRdfa3 Cross-site Scripting vulnerability
A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function getoption of the file pyRdfa/init.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e...
Tensorflow vulnerable to Out-of-Bounds Read
ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...
Invalid char to bool conversion when printing a tensor
ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
ImpactThe reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result.Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of input channels is different than the number of output...
`MirrorPadGrad` heap out of bounds read
ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...
`CHECK` fail via inputs in `SdcaOptimizer`
ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...
Overflow in `ResizeNearestNeighborGrad`
ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...
Heap overflow in `QuantizeAndDequantizeV2`
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...
`tf.raw_ops.Mfcc` crashes
ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...
Segfault in `CompositeTensorVariantToComponents`
ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`
ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...
`CHECK` fail via inputs in `PyFunc`
ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...
Out of bounds write in grappler in Tensorflow
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...
`FractionalMaxPoolGrad` Heap out of bounds read
ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...
Cross-site Scripting in kiwitcms
A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...
Overflow in `FusedResizeAndPadConv2D`
ImpactWhen tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows.pythonimport tensorflow as tfmode = "REFLECT"strides = 1, 1, 1, 1padding = "SAME"resizealigncorners = Falseinput = tf.constant147, shape=3,3,1,1, dtype=tf.float16size = tf.constant1879048192,1879048192,...
Out of bounds segmentation fault due to unequal op inputs in Tensorflow
Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cppREGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction;When it receives a differing number of inputs, such as wh...
Overflow in `ImageProjectiveTransformV2`
ImpactWhen tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows.pythonimport tensorflow as tfinterpolation = "BILINEAR"fillmode = "REFLECT"images = tf.constant0.184634328, shape=2,5,8,3, dtype=tf.float32transforms = tf.constant0.378575385, shape=2,8,...
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
ImpactIf a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:pythonnp.ones0, 231, 231An example of a proof of concept:pythonimport numpy as npimport tensorflow as tfinputval =...
`CHECK` fail in `BCast` overflow
ImpactIf BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b.pythonimport tensorflow as tfvalue = tf.constantshape=2, 1024, 1024, 1024,...
Segfault in `tf.raw_ops.TensorListConcat`
ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...
Overflow in `tf.keras.losses.poisson`
Impacttf.keras.losses.poisson receives a ypred and ytrue that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size mismatch during broadcast assignment.pythonimport numpy as npimport tensorflow as tftruevalue =...
Segfault via invalid attributes in `pywrap_tfe_src.cc`
ImpactIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes.pythonimport numpy as npimport...
Lin CMS vulnerable to Improper Authentication
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack
The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or...
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the getfiletransfertype method...
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...
FPE in `tf.image.generate_bounding_box_proposals`
ImpactWhen running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked.pythonimport tensorflow as tfa = tf.constantvalue=1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0b =...
Powerline Gitstatus vulnerable to arbitrary code execution
powerline-gitstatus aka Powerline Gitstatus before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...
jwcrypto token substitution can lead to authentication bypass
The JWT code can auto-detect the type of token being provided, and this can lead the application to incorrect conclusions about the trustworthiness of the token.Quoting the private disclosure we received : "Under certain circumstances, it is possible to substitute a .. signed JWS with a JWE that ...
Flask-Security vulnerable to Open Redirect
This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only...
protobuf-cpp and protobuf-python have potential Denial of Service issue
SummaryA message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory OOM failure when processing a specially crafted message, which could lead to a denial of service DoS on services using the libraries.Reporter:...
Inventree vulnerable to Stored Cross-site Scripting
Inventree prior to 0.8.3 is vulnerable to stored cross-site scripting by uploading SVG files. Version 0.8.3 contains a patch for this issue...
TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`
ImpactParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfseed = 1618seed2 = 0shape = tf.random.uniformshape=3, minval=-10000,...
TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`
ImpactIf Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tffilename = tf.constant""tensornames = tf.constant"" Savedata = tf.casttf.random.uniformshape=1, minval=-10000,...
When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder
When matrix-nio before 0.20 requests a room key from our devices, it correctly accepts key forwards only if they are a response to a previous request. However, it doesn't check that the device that responded matches the device the key was requested from.This allows a malicious homeserver to inser...
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
Twisted vulnerable to NameVirtualHost Host header injection
When the host header does not match a configured host, twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.Example configuration:pythonfrom twisted.web.server import Sitefrom...