Lucene search
+L

7044 matches found

PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Type confusion leading to `CHECK`-failure based denial of service in TensorFlow

ImpactThe macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of the macros would trigger incorrectly. PatchesWe have patched the issue in GitHub commit...

5.5CVSS6.1AI score0.00386EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Access control issue in AlekSIS-Core

An access control issue in aleksis/core/util/authhelpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set...

6.5CVSS6.7AI score0.00661EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow

ImpactThe implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain NaN elements:pythonimport tensorflow as tfimport numpy as nptf.histogramfixedwidthvalues=np.nan, valuerange=1,2The implementation assumes that all floating point operations are defined and th...

5.5CVSS6.1AI score0.00314EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Unrestricted Attachment Upload

ImpactInvenTree allows unrestricted upload of files as attachments to various database fields. Potentially dangerous files such as HTML files containing malicious javascript can be uploaded, and when opened by the user run the malicious code directly in the users browser.Note that the upload of...

9CVSS7.2AI score0.01168EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

CSV Injection in inventree

Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2...

9CVSS7.2AI score0.01209EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Heap buffer overflow due to incorrect hash function in TensorFlow

ImpactThe TensorKey hash function used total estimated AllocatedBytes, which a is an estimate per tensor, and b is a very poor hash function for constants e.g. int32t. It also tried to access individual tensor bytes through tensor.data of size AllocatedBytes. This led to ASAN failures because the...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Core dump when loading TFLite models with quantization in TensorFlow

ImpactCertain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling.Thus, since code was calling...

5.5CVSS6.2AI score0.00316EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Code injection in `saved_model_cli` in TensorFlow

ImpactTensorFlow's savedmodelcli tool is vulnerable to a code injection:savedmodelcli run --inputexprs 'x=print"malicious code to run"' --dir ./--tagset serve --signaturedef servingdefaultThis can be used to open a reverse shell savedmodelcli run --inputexprs 'hello=exec"""\nimport...

7.8CVSS7AI score0.00536EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Incomplete validation in signal ops leads to crashes in TensorFlow

ImpactThe tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d lack input validation and under certain condition can result in crashes due to CHECK-failures. Patches We have patched the issue in GitHub commit 0a8a781e597b18ead006d19b7d23d0a369e9ad73 merging GitHub PR 55274.The fix will be...

5.5CVSS6.1AI score0.0031EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Segfault and OOB write due to incomplete validation in `EditDistance` in TensorFlow

ImpactThe implementation of tf.rawops.EditDistance has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service:pythonimport tensorflow as tfhypothesisindices = tf.constant-1250999896764, shape=3, 3, dtype=tf.int64 hypothesisvalues = tf.constant0...

7.1CVSS7.1AI score0.00378EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Potential double free of buffer during string decoding

ImpactWhat kind of vulnerability is it? Who is impacted?When an error occurs while reallocating the buffer for string decoding, the buffer gets freed twice.Due to how UltraJSON uses the internal decoder, this double free is impossible to trigger from Python. PatchesHas the problem been patched?...

5.9CVSS6.8AI score0.01682EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.6 views

Missing validation crashes `QuantizeAndDequantizeV4Grad`

ImpactThe implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.QuantizeAndDequantizeV4Grad gradients=tf.constant1,...

5.5CVSS6.2AI score0.0034EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Missing validation causes denial of service via `Conv3DBackpropFilterV2`

ImpactThe implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.strings.unsortedsegmentjoin inputs='123', segmentids=0, numsegments=-1The...

5.5CVSS6.2AI score0.00346EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix`

ImpactThe implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfindices = tf.constant53, shape=3, dtype=tf.int64values =...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Integer overflow in `SpaceToBatchND`

ImpactThe implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow:pythonimport tensorflow as tfinput = tf.constant-3.5e+35, shape=10,19,22, dtype=tf.float32blockshape = tf.constant-1879048192, shape=2,...

5.5CVSS6.1AI score0.00333EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Undefined behavior when users supply invalid resource handles

ImpactMultiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid:pythonimport tensorflow as tftf.rawops.QueueIsClosedV2handle=pythonimport tensorflow as tftf.summary.flushwriter= In graph mode, it would have been impossible to perform these API...

5.5CVSS6.1AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Missing validation causes denial of service via `LSTMBlockCell`

ImpactThe implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.LSTMBlockCell x=tf.constant0.837607, shape=28,29, dtype=tf.float32,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Missing validation causes denial of service via `DeleteSessionTensor`

ImpactThe implementation of tf.rawops.DeleteSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfhandle = tf.constant"", shape=0,...

5.5CVSS6.2AI score0.00325EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Segfault due to missing support for quantized types

ImpactThere is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types added after migration to TF 2.x:pythonimport numpy as npimport tensorflow as...

5.5CVSS6.1AI score0.00317EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Denial of service in `tf.ragged.constant` due to lack of validation

ImpactThe implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory:pythonimport tensorflow as tftf.ragged.constantpylist=,raggedrank=8968073515812833920 PatchesWe have patched the issue in GitHub commit...

5.5CVSS6.1AI score0.00316EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Missing validation causes denial of service via `UnsortedSegmentJoin`

ImpactThe implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.UnsortedSegmentJoin inputs=tf.constant"this", shape=12,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Missing validation causes denial of service via `StagePeek`

ImpactThe implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfindex = tf.constant, shape=0, dtype=tf.int32tf.rawops.StagePeekindex=index,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Missing validation causes denial of service via `GetSessionTensor`

ImpactThe implementation of tf.rawops.GetSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfhandle = tf.constant"", shape=0,...

5.5CVSS6.2AI score0.0035EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Missing validation causes denial of service via `Conv3DBackpropFilterV2`

ImpactThe implementation of tf.rawops.Conv3DBackpropFilterV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.Conv3DBackpropFilterV2 input=tf.constant.5053710941,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.7 views

Missing validation results in undefined behavior in `QuantizedConv2D`

ImpactThe implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments:pythonimport tensorflow as tfinput = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8filter = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 bad argsmininput = tf.constant, shape=0,...

5.5CVSS6.1AI score0.00333EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Missing validation results in undefined behavior in `SparseTensorDenseAdd

ImpactThe implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments:pythonimport tensorflow as tfaindices = tf.constant0, shape=17, 2, dtype=tf.int64avalues = tf.constant, shape=0, dtype=tf.float32ashape = tf.constant6, 12, shape=2, dtype=tf.int64b =...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Missing validation causes denial of service via `LoadAndRemapMatrix`

ImpactThe implementation of tf.rawops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfckptpath = tf.constant "/tmp/warmstartingutiltest5kl2a3pc/tmpph76tep2/model-0"...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.7 views

aptdaemon Information Disclosure via Improper Input Validation in Transaction class

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS6AI score0.0048EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Pallets Werkzeug vulnerable to Path Traversal

In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names such as C: in Windows pathnames...

7.5CVSS7.1AI score0.55526EPSS
Exploits7References6Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Mirumee Saleor CSRF Protection Disabled

In Mirumee Saleor 2.7.0 fixed in 2.8.0, CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server...

8.8CVSS7.2AI score0.00613EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Openstack cinder Improper handling of ScaleIO backend credentials

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...

7.1CVSS6.6AI score0.01203EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

ClusterLabs crmsh vulnerable to shell code injection

An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call crm history when crm is run were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges...

7.8CVSS7.2AI score0.00675EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

PyDio Stored XSS Vulnerability

A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be use...

5.4CVSS6.5AI score0.00675EPSS
Exploits3References6Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

OpenStack Keystone allows information disclosure during account locking

OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...

7.5CVSS6.7AI score0.02457EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

wolfCrypt leaks cryptographic information via timing side channel

wolfSSL and wolfCrypt 4.0.0 and earlier when configured without --enable-fpecc, --enable-sp, or --enable-sp-math contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about th...

4.7CVSS5.9AI score0.00362EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

OpenStack Nova can leak consoleauth token into log files

An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is...

3.3CVSS6.7AI score0.00407EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Matrix Sydent mishandles emails

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9CVSS6.8AI score0.01861EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.6 views

Cobbler is vulnerable to code injection

templateapi.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a...

8.5CVSS6.4AI score0.03327EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

Missing validation causes `TensorSummaryV2` to crash

ImpactThe implementation of tf.rawops.TensorSummaryV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport numpy as npimport tensorflow as tftf.rawops.TensorSummaryV2 tag=np.array'test', tensor=np.array3,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

XML External Entity (XXE) in Django

The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity XXE attack...

5CVSS7.2AI score0.04593EPSS
Exploits0References16Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

XML Entity Expansion (XEE) in Django

The XML libraries for Python, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML Entity Expansion XEE attack...

5CVSS7.2AI score0.04863EPSS
Exploits1References16Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors

The "create an instance" API in OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:ispublic property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for...

3.5CVSS6.1AI score0.01497EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Plone anonymous access to sub-objects in CMFEditions where KwAsAttributes classes were publishable

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

9.3CVSS6AI score0.01972EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Plone XSS Vulnerability

Cross-site scripting XSS vulnerability in skins/plonetemplates/defaulterrormessage.pt in Plone before 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the typename parameter to Members/ipa/createObject...

4.3CVSS6.1AI score0.01143EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.5 views

Fabric vulnerable to symlink attack on tmp files

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...

4.4CVSS6AI score0.00328EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Zope Command Execution Vulnerability

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

9.3CVSS6.2AI score0.78546EPSS
Exploits15References14Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.14 views

Cobbler subject to Command Injection

A Command Injection in actionpower.py in Cobbler prior to v2.6.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 username or 2 password fields to the powersystem method in the xmlrpc API...

7.5CVSS7.5AI score0.05555EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.4 views

Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...

6.1CVSS6.1AI score0.02164EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack

The security group extension in OpenStack Compute Nova Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service resource consumption and crash via an XML Entity Expansion XEE attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664...

4.3CVSS6AI score0.02703EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/06 8:3 a.m.3 views

OpenStack Compute Nova Improper Access Control

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.4CVSS6AI score0.01808EPSS
Exploits0References12Affected Software1
Total number of security vulnerabilities7044