Cross-domain cookie leakage in Guzzle

### Impact Previous version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets th ...

Continue Reading
Undefined behavior when users supply invalid resource handles

### Impact Multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid: ```python import tensorflow as tf tf.raw_ops.QueueIsClosedV2(handle=[]) ``` ```p ...

Continue Reading
Missing validation causes denial of service via `LSTMBlockCell`

### Impact The implementation of [`tf.raw_ops.LSTMBlockCell`](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/rnn/lstm_ops.cc) does not f ...

Continue Reading
Access to Unix domain socket can lead to privileges escalation in Cilium

### Impact Users with host file system access on a node and the privileges to run as group ID 1000 can gain access to the per node API of Cilium via Unix domain socket on the host where Cilium is runn ...

Continue Reading
RST Threat feed. IOC: api.dom-ua.online

Found **api[.]dom-ua.online** in [RST Threat Feed](https://rstc...Read More ...

Continue Reading
RST Threat feed. IOC: api.elementaryprocess.com

Found **api[.]elementaryprocess.com** in [RST Threat Feed](http...Read More ...

Continue Reading
RST Threat feed. IOC: api.essentialarchive.com

Found **api[.]essentialarchive.com** in [RST Threat Feed](https...Read More ...

Continue Reading
RST Threat feed. IOC: api.filtercommand.com

Found **api[.]filtercommand.com** in [RST Threat Feed](https://...Read More ...

Continue Reading

Back to Main

Subscribe for the latest news:
Generated by Feedzy