Google TensorFlow up to 2.3.3/2.4.2/2.5.0 tf.raw_ops.UncompressElement null pointer dereference

A vulnerability classified as problematic has been found in Google TensorFlow up to 2.3.3/2.4.2/2.5.0 (Artificial Intelligence Software). Affected is the function tf.raw_ops.UncompressElement. Upgrading to version 2.3.4, 2.4.3, 2.5.1 or 2.6.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-28843 : PAYPAL UP TO 3.16.3 ON PRESTASHOP SQL INJECTION

CVE-2023-28843 : PAYPAL UP TO 3.16.3 ON PRESTASHOP SQL INJECTION

Description PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL

CVE-2023-28727 : PANASONIC AISEG2 UP TO 2.93A HEADER X-FORWARDED-FOR IMPROPER AUTHENTICATION

CVE-2023-28727 : PANASONIC AISEG2 UP TO 2.93A HEADER X-FORWARDED-FOR IMPROPER AUTHENTICATION

Description Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers. References https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html

CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

Description This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required