What’s wrong with automotive mobile apps?

![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/05/25084357/sl-automotive-mobile-app-990x400.jpg)

## Introduction

The recent story about the 19-year-old hacker who took ...

Open Automation Software OAS Platform REST API unauthenticated vulnerability

### Summary

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to ...

Undefined behavior when users supply invalid resource handles

### Impact

Multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid:

```python
import tensorflow as tf

tf.raw_ops.QueueIsClosedV2(handle=[])
```

...

Missing validation causes denial of service via `LSTMBlockCell`

### Impact

The implementation of [`tf.raw_ops.LSTMBlockCell`](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/rnn/lstm_ops.cc) does not f ...

Privilege escalation in easyappointments

The Easy!Appointments API authorization is checked against the user's existence, without validating the permissions. As a result, a low-privileged user (e.g. provider) can create a new admin user via t ...

Improper Input Validation in k8s.io/ingress-nginx

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io ...

SQL injection

# Description

SQL injection exists in camptocamp/terraboard. Among all APIs there is an API routed to `/api/search/attribute`, whose corresponding method is [api.SearchAttribute](https://github.co ...

Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes.

* The attacker creates a workflow that produces an HTML artifact that contains an HTML fi ...
