Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted linkRead More ...
Continue Reading
February 01, 2024
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 (i.e., long long) arguments. However, there ...
Continue Reading
February 01, 2024
An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the...Read More ...
Continue Reading
February 01, 2024
An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the...Read More ...
Continue Reading
February 01, 2024
A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version...Read More ...
Continue Reading
February 01, 2024
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 ...
Continue Reading
February 01, 2024
TensorFlow is an end-to-end open source platform for machine learning. The API of tf.raw_ops.SparseCross allows combinations which would result in a CHECK-failure and denial of service. This is becaus ...
Continue Reading
February 01, 2024
TensorFlow is an end-to-end open source platform for machine learning. The API of tf.raw_ops.SparseCross allows combinations which would result in a CHECK-failure and denial of service. This is becaus ...
Continue Reading
February 01, 2024
Back to Main
