Lucene search
+L

7044 matches found

pypa
pypa
added 2026/07/07 10:17 a.m.4 views

pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

6.1CVSS6AI score0.00456EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Pyload Insufficient Session Expiration vulnerability

Pyload 0.5.0b3.dev35 has an Insufficient Session Expiration vulnerability. A patch is available and anticipated to be part of version 0.5.0b3.dev36...

8.3CVSS6.8AI score0.00655EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

binwalk vulnerable to UNIX Symbolic Link (Symlink) Following

A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the...

6.5CVSS5.3AI score0.01933EPSS
Exploits0References9Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.3 views

pgadmin4 vulnerable to Code Injection

The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to...

8.8CVSS7.2AI score0.79933EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

OpenStack Kolla sudo privilege escalation vulnerability

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...

8.8CVSS7.1AI score0.00211EPSS
Exploits0References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbtrary files in the task execution context, without write access to DAG files. This issue affects Spark Provider...

5.5CVSS6.3AI score0.01383EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

Terms and Conditions Module vulnerable to Open Redirect

A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading...

6.1CVSS5AI score0.00453EPSS
Exploits0References9Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...

7.8CVSS7.3AI score0.01753EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.54 views

Graphite Web Cross-site Scripting vulnerability

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

5.4CVSS3.8AI score0.00765EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

pyRdfa3 Cross-site Scripting vulnerability

A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function getoption of the file pyRdfa/init.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e...

5.4CVSS4AI score0.0056EPSS
Exploits0References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.4 views

Tensorflow vulnerable to Out-of-Bounds Read

ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...

9.1CVSS7.1AI score0.0038EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Invalid char to bool conversion when printing a tensor

ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...

7.5CVSS7.1AI score0.00389EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.7 views

Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite

ImpactThe reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result.Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of input channels is different than the number of output...

8.1CVSS7.3AI score0.00523EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`MirrorPadGrad` heap out of bounds read

ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK` fail via inputs in `SdcaOptimizer`

ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Overflow in `ResizeNearestNeighborGrad`

ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Heap overflow in `QuantizeAndDequantizeV2`

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...

9.1CVSS7.2AI score0.00401EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`tf.raw_ops.Mfcc` crashes

ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Segfault in `CompositeTensorVariantToComponents`

ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...

7.5CVSS7AI score0.0049EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK_EQ` fail via input in `SparseMatrixNNZ`

ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK` fail via inputs in `PyFunc`

ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...

7.5CVSS7AI score0.0045EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...

7.5CVSS7AI score0.00439EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Out of bounds write in grappler in Tensorflow

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...

9.1CVSS7.2AI score0.00449EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.8 views

`FractionalMaxPoolGrad` Heap out of bounds read

ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Cross-site Scripting in kiwitcms

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

7.1CVSS6.7AI score0.00454EPSS
Exploits1References5Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess

ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...

9.8CVSS7.2AI score0.00579EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Overflow in `FusedResizeAndPadConv2D`

ImpactWhen tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows.pythonimport tensorflow as tfmode = "REFLECT"strides = 1, 1, 1, 1padding = "SAME"resizealigncorners = Falseinput = tf.constant147, shape=3,3,1,1, dtype=tf.float16size = tf.constant1879048192,1879048192,...

7.5CVSS6.9AI score0.0043EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Out of bounds segmentation fault due to unequal op inputs in Tensorflow

Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cppREGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction;When it receives a differing number of inputs, such as wh...

7.5CVSS7AI score0.0035EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Overflow in `ImageProjectiveTransformV2`

ImpactWhen tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows.pythonimport tensorflow as tfinterpolation = "BILINEAR"fillmode = "REFLECT"images = tf.constant0.184634328, shape=2,5,8,3, dtype=tf.float32transforms = tf.constant0.378575385, shape=2,8,...

7.5CVSS7AI score0.0043EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

ImpactIf a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:pythonnp.ones0, 231, 231An example of a proof of concept:pythonimport numpy as npimport tensorflow as tfinputval =...

7.5CVSS6.9AI score0.0033EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

`CHECK` fail in `BCast` overflow

ImpactIf BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b.pythonimport tensorflow as tfvalue = tf.constantshape=2, 1024, 1024, 1024,...

7.5CVSS6.9AI score0.00439EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Segfault in `tf.raw_ops.TensorListConcat`

ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...

7.5CVSS7AI score0.0043EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Overflow in `tf.keras.losses.poisson`

Impacttf.keras.losses.poisson receives a ypred and ytrue that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size mismatch during broadcast assignment.pythonimport numpy as npimport tensorflow as tftruevalue =...

7.5CVSS7AI score0.0044EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Segfault via invalid attributes in `pywrap_tfe_src.cc`

ImpactIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes.pythonimport numpy as npimport...

7.5CVSS7AI score0.00404EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Lin CMS vulnerable to Improper Authentication

An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...

6.6CVSS6.7AI score0.01016EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack

The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or...

8.1CVSS7.2AI score0.00704EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the getfiletransfertype method...

7.5CVSS7.2AI score0.00816EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...

7.5CVSS7.2AI score0.00816EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

FPE in `tf.image.generate_bounding_box_proposals`

ImpactWhen running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked.pythonimport tensorflow as tfa = tf.constantvalue=1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0b =...

7.5CVSS7AI score0.00439EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Powerline Gitstatus vulnerable to arbitrary code execution

powerline-gitstatus aka Powerline Gitstatus before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...

7.8CVSS7.3AI score0.0042EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

jwcrypto token substitution can lead to authentication bypass

The JWT code can auto-detect the type of token being provided, and this can lead the application to incorrect conclusions about the trustworthiness of the token.Quoting the private disclosure we received : "Under certain circumstances, it is possible to substitute a .. signed JWS with a JWE that ...

5.9AI score0.00435EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Flask-Security vulnerable to Open Redirect

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only...

6.1CVSS6.7AI score0.00913EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

protobuf-cpp and protobuf-python have potential Denial of Service issue

SummaryA message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory OOM failure when processing a specially crafted message, which could lead to a denial of service DoS on services using the libraries.Reporter:...

7.5CVSS6.8AI score0.01191EPSS
Exploits0References13Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

Inventree vulnerable to Stored Cross-site Scripting

Inventree prior to 0.8.3 is vulnerable to stored cross-site scripting by uploading SVG files. Version 0.8.3 contains a patch for this issue...

8.2CVSS6.6AI score0.00619EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`

ImpactParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfseed = 1618seed2 = 0shape = tf.random.uniformshape=3, minval=-10000,...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`

ImpactIf Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tffilename = tf.constant""tensornames = tf.constant"" Savedata = tf.casttf.random.uniformshape=1, minval=-10000,...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.5 views

When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder

When matrix-nio before 0.20 requests a room key from our devices, it correctly accepts key forwards only if they are a response to a previous request. However, it doesn't check that the device that responded matches the device the key was requested from.This allows a malicious homeserver to inser...

8.6CVSS6.9AI score0.00559EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.7 views

OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References10Affected Software1
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Twisted vulnerable to NameVirtualHost Host header injection

When the host header does not match a configured host, twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.Example configuration:pythonfrom twisted.web.server import Sitefrom...

5.4CVSS6.5AI score0.01156EPSS
Exploits1References10Affected Software1
Total number of security vulnerabilities7044