Google TensorFlow up to 2.3.3/2.4.2/2.5.0 tf.raw_ops.RaggedGather out-of-bounds read

A vulnerability, which was classified as problematic, was found in Google TensorFlow up to 2.3.3/2.4.2/2.5.0 (Artificial Intelligence Software). This affects the function tf.raw_ops.RaggedGather. Upgrading to version 2.3.4, 2.4.3, 2.5.1 or 2.6.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION

CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION

Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely

CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD

CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD

Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and

CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD

CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD

Description baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system