ThreatChat ThreatHistory Video Feed

Apple AirTag hacked again – free internet with no mobile data plan!

Gamers beware! Crooks take advantage of MSI download outage…

S3 Ep32: AirTag jailbreak, Dell vulns, and a never-ending scam [Podcast]

Beware fake online trading apps, on iOS as well as Android

Apple AirTag jailbroken already – hacked in rickroll attack

Never say never! Warren Buffett caught up in integer overflow error…

S3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug [Podcast]

Firefox for Android gets critical update to block cookie-stealing hole

Dell fixes exploitable holes in its own firmware update driver – patch now!

Apple products hit by fourfecta of zero-day exploits – patch now!

DarkSide Suffers ‘Oh, Crap!’ Server Shutdowns

Ransomware’s New Swindle: Triple Extortion

How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

Scheme Flooding Allows User Tracking Across Browsers

FIN7 Backdoor Masquerades as Ethical Hacking Tool

Verizon: Pandemic Ushers in ⅓ More Cyber Misery

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

Ransomware Going for $4K on the Cyber-Underground

Beyond MFA: Rethinking the Authentication Key

Major U.S. Pipeline Crippled in Ransomware Attack

Fresh Loader Targets Aviation Victims with Spy RATs

DarkSide Wanted Money, Not Disruption from Colonial Pipeline Attack

Five Critical Password Security Rules Your Employees Are Ignoring

Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

Spotlight on Cybercriminal Supply Chains

Breaking Down Joe Biden's $10B Cybersecurity 'Down Payment'

CISOs Prep For COVID-19 Exposure Notification in the Workplace

From Triton to Stuxnet: Preparing for OT Incident Response

Phishers Delivering Increasingly Convincing Lures

Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware

QR Codes Offer Easy Cyberattack Avenues as Usage Spikes

Podcast: Microsoft Exchange Server Attack Onslaught Continues

Podcast: Ransomware Attacks Exploded in Q4 2020

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

Emotet's Takedown: Have We Seen the Last of the Malware?

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

Simplifying Proactive Defense With Threat Playbooks

National Surveillance Camera Rollout Roils Privacy Activists

Malware Gangs Partner Up in Double-Punch Security Threat

How Email Attacks are Evolving in 2021

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

How the Pandemic is Reshaping the Bug Bounty Landscape

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Cybercriminals Step Up Their Game Ahead of U.S. Elections

A Cyber 'Vigilante' is Sabotaging Emotet's Return

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

Rapid7 Source Code Accessed in Supply Chain Attack

How Faster COVID-19 Research Is Being Made Possible ...

Cisco Confirms Plans to Acquire Kenna Security

SOC Teams Burdened by Alert Fatigue Explore XDR

Wi-Fi Design, Implementation Flaws Allow a Range of ...

Security Trends to Follow at RSA Conference 2021

Dark Reading | Security | Protect The Business

85% of Data Breaches Involve Human Interaction: ...

Firms Struggle to Secure Multicloud Misconfigurations

Dragos & IronNet Partner on Critical Infrastructure ...

When AI Becomes the Hacker

Microsoft Adds GPS Location to Identity & Access ...

Adapting to the Security Threat of Climate Change

Defending the Castle: How World History Can Teach ...

Verizon DBIR 2021: "Winners" No Surprise, But ...

Despite Heightened Breach Fears, Incident Response ...

Dark Reading | Security | Protect The Business

Putting the Spotlight on DarkSide

66% of CISOs Feel Unprepared for Cyberattacks

Vulnerable Protocols Leave Firms Open to Further ...

Microsoft investigating new Windows 10 high-pitched noise issue

Colonial Pipeline restores operations, $5 million ransom demanded

Colonial Pipeline restores operations, $5 million ransom demanded

DarkSide ransomware servers reportedly seized, operation shuts down

DarkSide ransomware servers reportedly seized, operation shuts down

Meet Lorenz — A new ransomware gang targeting the enterprise

Meet Lorenz — A new ransomware gang targeting the enterprise

Ransomware ads now also banned on Exploit cybercrime forum

Ransomware ads now also banned on Exploit cybercrime forum

The Week in Ransomware - May 14th 2021 - One down, many more to go

The Week in Ransomware - May 14th 2021 - One down, many more to go

Microsoft adds Windows 10 HDR support for Photoshop, Lightroom

QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day

QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day

Irish healthcare shuts down IT systems after Conti ransomware attack

Irish healthcare shuts down IT systems after Conti ransomware attack

Cross-browser tracking vulnerability tracks you via installed apps

Cross-browser tracking vulnerability tracks you via installed apps

Popular Russian hacking forum XSS bans all ransomware topics

Popular Russian hacking forum XSS bans all ransomware topics

Chemical distributor pays $4.4 million to DarkSide ransomware

Chemical distributor pays $4.4 million to DarkSide ransomware

Rapid7 source code, credentials accessed in Codecov supply-chain attack

Rapid7 source code, credentials accessed in Codecov supply-chain attack

Windows 10 KB5003173 update fails with error 0x800f0922, how to fix

Microsoft build tool abused to deliver password-stealing malware

Microsoft build tool abused to deliver password-stealing malware

Insurance giant CNA fully restores systems after ransomware attack

Insurance giant CNA fully restores systems after ransomware attack

Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Crypto exchange glitch causes duplicate purchases, delayed credits

Crypto exchange glitch causes duplicate purchases, delayed credits

Biden issues executive order to increase U.S. cybersecurity defenses

Biden issues executive order to increase U.S. cybersecurity defenses

Lemonade Denies “Unforgivably Negligent” Security Gaffe

US Sentences Cyber-Stalker Who Sent Sex Workers to Family’s Home

Rapid7 Source Code Accessed in Cyber-attack

Ireland’s Healthcare System’s IT Offline Following Ransomware Attack

Microsoft: Aviation and Travel Firms Targeted with RAT Campaign

Quarter of CISOs and IT Leaders Self-Medicate as Pandemic Stress Spikes

Colonial Reportedly Paid $5 Million Ransom

Cyber-bullying Spawns Artistic Protest

Cyber-attacks Cost Small US Businesses $25k Annually

Zero Trust in 2021: How to Seamlessly Protect Your Remote and In-Office Users

Data Classification: The Foundation of Effective Cybersecurity

How Zero Trust Enables Remote Working and Builds to a SASE Vision

Supply Chain Security: Easing the Headache of Third-Party Risk Assessments

Endpoint Strategies: Balancing Productivity and Security

Securing Remote Employee Devices with Unified Endpoint Management

What You Really Need to Know about MSSP: Busting the Myths, Mistakes and Misconceptions

Security Certification: Gain Competitive Advantage as the Low Risk Option

The Vulnerability Landscape: Security Trends from 2020

Pharma Drama: Interactive Crisis Simulation of an Insider Threat

Security Mythbusting: Dismantling the Top Five API Myths

SOC for the Future: Transforming Security Operations' Speed and Stamina for Recovery

Microsoft Fixes Exchange Server Zero-Day in May Patch Tuesday

Biden Executive Order Mandates Zero Trust and Strong Encryption

Colonial Pipeline Attackers Linked to Infamous REvil Group

The Challenge of Remote File Transfer Security: Is Centralization the Answer?

Defining the Zero Trust and SASE Relationship

How to Win Cybersecurity Budget and Buy-in from the C-Suite to Mitigate Increased Level of Threat

Securing the #COVID19 Vaccine & Supply Chain

Consumers Unforgiving of Merchants’ Data Failings

Record Number of Breaches Detected Amid #COVID19

Four Years On: Two-thirds of Global Firms Still Exposed to WannaCry

Police Doxxed After Ransom Dispute

More Domestic Abuse Cases Involve Tech

INTERPOL Launches Digital Piracy Project

UK Government Drafts New Legislation to Force Tech Firms to Tackle Online Abuse

Cyber EO aims to help threat sharing by fixing federal IT contract language

RevengeRAT and AysncRAT target aerospace and travel sectors

In EO, federal security provides impetus for far reaching cyber implications

Arkose Labs looks to hit cybercriminals where it hurts with cash infusion

BluBracket raises $12 million to expand operations

Developers doubt build environments are safe, keep releasing flawed code

SW Labs | Overview: Attack Surface Management

SW Labs | Test methodology: Attack Surface Management

SW Labs | Review: RiskIQ PassiveTotal

Cybersecurity’s reputation rose in the pandemic’s first months

Health care organizations funnel dollars into security amid pandemic

Businesses shift resources to address risks tied to disgruntled employees

Listen: ORPEA Group's Mauro Israel on putting in the work

Tim Callahan: ‘CISOs must voluntarily be part of the solution’

Listen: ORPEA Group's Mauro Israel on putting in the work

Why enterprises are increasing cybersecurity budgets for 2021

Build and maintain a security culture, up, across, and down the organization

How to Address Your Biggest Risk: Extend User Security Beyond Training and Education

Colonial Pipeline paying the ransom shows that only better security can stop this vicious cycle

The Mayo Clinic's team approach saved my life; now I use it to build great software

What we’ve learned from the Colonial Pipeline cyberattack, and what to do about it

Rapid7: Attackers got 'limited access' to source code, customer data after Codecov breach

Publishing exploits early doesn't encourage patching or help defense, data shows

H&R Block seeks out open-source expertise to stock up on SOC talent

SMBs increasingly face same cyber threats as large enterprises

Microsoft fixes four critical vulnerabilities, none exploited in the wild

Biden signs massive cyber order, using federal buying power to influence broader private sector practices

Rapid7 source code, alert data accessed in Codecov supply chain attack

DarkSide explained: The ransomware group responsible for Colonial Pipeline attack

US fuel pipeline 'paid hackers $5m in ransom'

Global Socket 1.4.30

Chrome Array Transfer Bypass

Ubuntu Security Notice USN-4954-1

CPSIoTSec 2021 Call For Papers

Student Management System 1.0 Cross Site Scripting

Ubuntu Security Notice USN-4953-1

Podcast Generator 3.1 Cross Site Scripting

Red Hat Security Advisory 2021-1560-01

Chamilo LMS 1.11.14 Remote Code Execution

Internet Explorer jscript9.dll Memory Corruption

Ubuntu Security Notice USN-4952-1

Ubuntu Security Notice USN-4932-2

Firefox 72 IonMonkey JIT Type Confusion

ScadaBR 1.0 / 1.1CE Windows Shell Upload

Microsoft Internet Explorer 8/11 Use-After-Free

ScadaBR 1.0 / 1.1CE Linux Shell Upload

OpenPLC WebServer 3 Remote Code Execution

Dental Clinic Appointment Reservation System 1.0 SQL Injection

ZeroShell 3.9.0 Remote Command Execution

Packet Fence 10.3.0

Windows Container Manager Service CmsRpcSrv_MapNamedPipeToContainer Privilege Escalation

ExifTool DjVu ANT Perl Injection

Windows Container Manager Service Arbitrary Object Directory Creation Privilege Escalation

Windows Container Manager Service CmsRpcSrv_MapVirtualDiskToContainer Privilege Escalation

Windows Container Manager Service CmsRpcSrv_CreateContainer Privilege Escalation

Elon Musk says Tesla will no longer accept bitcoin due to fossil fuel use | Tesla

US petrol supplies tighten after Colonial Pipeline hack

Apple's Find My network can be abused to leak secrets to the outside world via passing devices • The Register

FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks | The White House

Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader

New ransomware: CISA warns over FiveHands file-encrypting malware variant

Washington DC Police Allegedly Offered $100,000 to Hackers to Stop Leak

AWS configuration issues lead to exposure of 5 million records

Bug attacks weakness in Microsoft Azure virtual machine extensions

Colonial Pipeline attack: Everything you need to know

Is it Finally Time for You to Care About Ransomware? | by Lance Ulanoff | May, 2021 | Medium

Lance Ulanoff – Medium

Plans for “Endorphin,” a Free and Open Crypto OS for Smartphones and Other End-User Devices | by Dominic Williams | The Internet Computer Review | May, 2021 | Medium

What You Should Know About the Colonial Pipelines Cyberattack | by Katlyn Gallo | Dark Roast Security | May, 2021 | Medium

Dark Roast Security – Medium

What is Encryption? What are digital signatures? | by Scytl | EDGE Elections | May, 2021 | Medium

EDGE Elections – Medium

Getting Started on the Internet Computer’s Network Nervous System Application & Wallet | by DFINITY | The Internet Computer Review | May, 2021 | Medium

We Will Lock Your Device Soon (Text Message Spam) | by Ruining All My Branding | Infoseconds | May, 2021 | Medium

React Authentication: How to Store JWT in a Cookie | by Ryan Chenkie | Medium

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security

Hackers behind Colonial Pipeline attack claim 3 new victims including a Scottish company

Counter-Strike Global Offsets: reliable remote code execution | secret club

Here’s how much your personal information is worth to cybercriminals – and what they do with it

Upcoming Speaking Engagements - Schneier on Security

Aurelia Framework Insecure Default Allows XSS | GoSecure

Geico data breach exposed customers' driver's license numbers

Detailed Audit of Voatz' Voting App Confirms Security Flaws

Ransomware Is Getting Ugly - Schneier on Security

"An 8th-Grader Could Have Hacked" The Koch-Owned Colonial Pipeline

Dr Robert Cialdini Interview on The 7 Principles of Influence and Persuasion - YouTube

Encryption with Linux with AES-256 (secure AF) feat. Mr Robot - YouTube

COVID-19 Cyber Attacks - WebARX Security

Irish health service shuts down IT systems due to "signficant" cyber attack

Colonial Pipeline Paid Roughly $5 Million in Bitcoin to Hackers - The New York Times

Cross-browser tracking vulnerablity in Tor, Safari, Chrome and Firefox - FingerprintJS

Encryption with Linux with AES-256 (secure AF) feat. Mr Robot - YouTube

Learn Hacking with CTFs | Basic problem solving | First CTF problem for beginners - YouTube

285. Yale 5 Lever Mortice Deadlock picked open with bent nail & homemade lollipop pick wire - YouTube

Challange lock: ‘troll’ by Harry Bow. - YouTube

Unmastered bilock pick and gut along with an attempted walkthrough - YouTube

Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data | ZDNet

EVVA 3KS pick and gut - YouTube

Irish health service hit by ‘very sophisticated’ ransomware attack | Reuters

Exploit Development: CVE-2021-21551 - Dell ‘dbutil_2_3.sys’ Kernel Exploit Writeup | Home

Picking 3 Anchor Lås Disc Detainer locks - YouTube

Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom - Bloomberg

What is a Watering Hole attack and how to prevent them

DarkSide, Pipeline, and Security Pros: What We Need to Know | by Zen Chan | Technology Hits | May, 2021 | Medium

Fontaine Lock Picked - YouTube

Discovering goroutine leaks with Semgrep

Darkside Ransomware does not attack hospitals, schools and governments - Acronis

Ristretto255 for the PHP Community - Paragon Initiative Enterprises Blog

(ENG-182) Lockpicking - #dmac100 My favorite and most hated Padlock - YouTube

[L129] Sepa HDS Lock - pick + view of internals - YouTube

Google exploring using location info to slow coronavirus spread

What We Know About Darkside Ransomware and the US Pipeline Attack

New US Executive Order on Cybersecurity - Schneier on Security

The moral underground? Ransomware operators retreat… | Intel471.com

Ireland's health service shuts down IT systems over ransomware attack by 'international criminals' | World News | Sky News

Why Cloudflare’s CAPTCHA replacement with FIDO2/WebAuthn is a really bad idea | by Ackermann Yuriy | May, 2021 | Medium

The U.S. wants smartphone location data to fight coronavirus. Privacy advocates are worried.

Echelon exposed riders’ account data, thanks to a leaky API – TechCrunch

What Can You Do with a TPM? | Red Hat Emerging Technologies

Rapid7 Source Code Breached in Codecov Supply-Chain Attack

Cisco Announces Intent to Acquire Kenna Security to Deliver Industry Leading Vulnerability Management

virusbtn: The https://t.co/uKZJ9vaJ0u team write about Lizar, a diverse and complex toolkit under active development and testing for FIN7. https://t.co/XMdeJHYl1L https://t.co/ysNr0m2kiT

virusbtn: Sophos researchers describe a machine learning approach to inferring the maliciousness of unknown IP addresses, autonomous systems, and ISPs https://t.co/IXZlqokluS https://t.co/ooJX9P2qDC

virusbtn: For the SANS ISC blog, @xme looks at open access VNC consoles to industrial systems interfaces. https://t.co/ONVdJG0ouu https://t.co/cbFUWmYFjN

virusbtn: The OSINT Curious Project looks at common filters available in the free Shodan version. https://t.co/162pndjGUl https://t.co/rM4edEegLh

virusbtn: Malwarebytes researcher @jeromesegura looks at ongoing activity by Magecart Group 12. https://t.co/OSSiCy2CjA https://t.co/ezLVWrlH5p

SpecterOps: Many of you asked for a simple comparison between #BloodHoundEnterprise vs FOSS #BloodHound , check out the basic breakdown here: https://t.co/IJc31nb48f

TalosSecurity: @ccie2106 Definitely perspective plays into this.

TalosSecurity: A retainer with Cisco Talos Incident Response gets you so much more than just emergency IR. Find out everything our team can offer you to help you prepare for, react to and mitigate threats https://t.co/7djjUsWl2Q https://t.co/dtDDhf4NoT

TalosSecurity: Talos Takes Ep. #53 is live on our site and in your podcast feeds NOW! Join us as we move past the memes and discuss the broader takeaways of "smart" appliance vulnerabilities https://t.co/m2DU4D5hmU https://t.co/m6NZ5tVfPv

TalosSecurity: Here are some insights on the recent Executive Order aimed at bolstering the U.S.' cybersecurity from Talos' director of threat intelligence and interdiction. Stay tuned for an upcoming #BWT episode that'll have more on this, too! https://t.co/NSLjGxNeeL

TalosSecurity: This week's Threat Source newsletter has the latest on the #pipeline #ransomware attack, new U.S. plans for cybersecurity and the newest Talos research and IOCs you need to know about https://t.co/TDKYiWdOq7 https://t.co/vH5DOM28yN

MBThreatIntel: Malspam with .XLSB attachment pushing #Trickbot version 2000029 Maldoc: f53fdbf650f8079b40e9ddb2c7fe41c9 Payload: 0248aa78d8a4d231273d6589edb0a423 Payload URL: mastercarebath[.]com/wp-netmon.dll https://t.co/y5CTj6cVxe

MBThreatIntel: Our latest threat intel blog covers ongoing activity from Magecart Group 12 with a hybrid skimmer. https://t.co/FR9iYNb60g #Magecart #WebSkimming https://t.co/WJti7RpXiC

MBThreatIntel: Web Skimmer stealing credit card data but doing 'no-evil' 🤔 Exfiltration: houseofdesigners[.]in #Magecart #WebSkimming https://t.co/h76VJLnPk6

MBThreatIntel: Example maldoc: e6fa4e620f40158675e05a337318ee50 RedLine: 85725f2ce8ff2e36e9a3849e512e8db5 C2: http://185.215.113.54:62132 DtLoader: 1808130c6c566d8ecb43af894d4f873d PouLight: dd1ebd49078f55732f65a443e74967c4 Raccoon: (Loads BitRat) a73349885f36cdef7315984ad948a1ab

MBThreatIntel: A bitbucket account is hosting several malware families including #RedLineStealer #PouLightStealer #RaccoonStealer #BitRat and #DtLoader http://bitbucket[.]org/tanake5518/ The payloads usually have been distributed through maldocs. https://t.co/Dryr1zGv1v

anyrun_app: Another ransomware attack happened - #Darkside group hit industrial company which led to its temporary shutdown. Collect samples and IOC of this ransomware in ANYRUN's public submissions. Safely analyze behavior and execution process using our service. https://t.co/cgYtVXBlgF

anyrun_app: https://t.co/tklE3pwiD3 review for Q1 2021 Take a look at the ascend of a new king NjRAT, a new ability to track the sample's origin and the latest numbers from the service. Thank you for choosing https://t.co/tklE3pwiD3. Let's grow up together! https://t.co/0Yx1GiR6rG

anyrun_app: @lsepaolo Hello! We do not plan to do so in the near future. But we are planning many other interesting features :)

anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 262 (256) ⬇️ #NanoCore 203 (269) ⬆️ #Redline 129 (93) ⬆️ #Strrat 84 (51) ⬆️ #FormBook 82 (80) ⬆️ #Orcus 76 (45) ⬇️ #AsyncRAT 68 (110) ⬇️ #Lokibot 68 (94) ⬆️ #DCrat 68 (51) ⬇️ #AgentTesla 59 (78) https://t.co/98nRpXOxWw

abuse_ch: Another Hospital got hit by ransomware 🔥 https://t.co/uKKjXzpmf4

abuse_ch: Apparently, Colonial Pipeline paid the threat actors behind DarkSide ransomware nearly $5 million in ransom💰💸 https://t.co/kWtMTsJAXE

abuse_ch: If this is true, I'm asking myself: If big organizations like Colonial Pipeline fail to do proper patch- and vulnerability management, how can we expect smaller orgs (like such from healthcare sector) adopting best practices on cyber security?

abuse_ch: According to NYT, the U.S. pipeline operator Colonial Pipeline 🇺🇸 were still using a vulnerable version of Microsoft Exchange server, which could have been the initial infection vector for DarkSide ransomware 🔥 https://t.co/BETTlPF7lT

abuse_ch: @MarcelBilal @campuscodi @HonkHase @BSI_Bund @anyrun_app You may want to push them to ThreatFox: https://t.co/r5JJqZmRbJ

QuoIntelligence: This week, we look at the #ColonialPipeline #cyberattack attributed to #Darkside ransomware and patches for #Microsoft and #Adobe incl. a 0-day vulnerability in Adobe Reader. Read it all here: https://t.co/31QGZx6XHj

JAMESWT_MHT: non sarebbe il caso @AgidCert @csirt_it @poliziadistato di far chiudere questi 2 domini ricompensaunica[.com notizieattendibili[.com ??? https://t.co/KH9ekmle4T

cyb3rops: HTTP Protocol Stack Remote Code Execution Vulnerability - CVE-2021-31166 Wormable, RCE, HTTP Protocol IIS Service, CVSS 9.8 > Panic 😱 Looking at the list of affected systems, you suddenly start to relax 💆🏻‍♂️ https://t.co/hKAU4XvXuG

inj3ct0r: #0daytoday #OpenPLC #WebServer 3 Remote Code Execution #Exploit #RCE https://t.co/CNRFigCzGx

inj3ct0r: #0daytoday #ScadaBR 1.0 / 1.1CE #Linux #Shell Upload #Exploit https://t.co/natmOZslUX

inj3ct0r: #0daytoday #ScadaBR 1.0 / 1.1CE #Windows #Shell Upload #Exploit https://t.co/9fXpwLrZZd

inj3ct0r: #0daytoday #Microsoft #InternetExplorer jscript9.dll Memory Corruption #Exploit #IE https://t.co/tKyAtQ4ms4

inj3ct0r: #0daytoday #Mozilla #Firefox 72 IonMonkey - JIT Type Confusion #Exploit https://t.co/VecDjolqZB

malwrhunterteam: 🤦‍♂️ https://t.co/bbBB3VpigW

malwrhunterteam: 45bdccfb6524b3377cc30a2e6f035f17e6dcfb9b3b38dff3c49d1f1d03edec1e bad.yoxxx[.]tk @Spam404 cc @VK_Intel @bryceabdo @JAMESWT_MHT https://t.co/thY4HhzLFF

malwrhunterteam: 81.69.185[.]249 cc @VK_Intel @bryceabdo @JAMESWT_MHT https://t.co/YAVRxhL0TQ

blackorbird: Transparent Tribe IOC #CrimsonRAT #ObliqueRAT #APT https://t.co/t40zQDOBij https://t.co/GFchcjVBcb

blackorbird: @mstoned7 Which group?

blackorbird: @ShadowChasing1 Old movie

blackorbird: HTTP Protocol Stack Remote Code Execution Vulnerability(CVE-2021-31166) #wormable Exploitation More Likely https://t.co/dlHc6ycnKs https://t.co/Ug3Hel2mvf

blackorbird: DarkSide affiliate panel (Linux/Windows) #ransomware Report: https://t.co/M5Y9tdua3K https://t.co/RT3aa0lr0S

wugeej: 東京でセキュリティ教育をするとしたら、何を習いたいですか?

wugeej: Microsoft Exchange Deserialization to Post-Auth RCE (CVE-2021-28482) #PoC https://t.co/hzpypNjNyr https://t.co/SnJvOns24Y https://t.co/jKMpbQWOgw https://t.co/iyZBypNlTF

wugeej: Microsoft Exchange Deserialization to Post-Auth RCE (CVE-2021-28482) * MeetingPollHandler Deserialization GET /owa/MeetingPollHandler.ashx?PayloadType=ApproveProposedOptions&ItemId=OID.xxxxxx.2021/05/11&RequestId=123123123" https://t.co/Ex7yeagJrZ https://t.co/qgL2fNuPcw

malware_traffic: 2021-05-13 (Thursday) - #Hancitor infection with #FickerStealer and #CobaltStrike - 11 email examples, #pcap of the infection traffic, malware samples, and some IOCs available at: https://t.co/B3cFhQqcIS - Didn't have time to sanitize/post all of it yesterday, so here it is today https://t.co/UkKm6QkmaC

malware_traffic: 2021-05-14 (Friday) - Email attachment (malicious Excel spreadsheet with macros) from 10 days ago still pushing #Ursnif (#Gozi/#ISFB) - Open directory at docs.atu.ngr.mybluehost[.]me still hosting malware DLL for Ursnif - https://t.co/35dUZs93KO https://t.co/ZOaVg5Wp6U

malware_traffic: @lazyactivist192 @Artilllerie @JAMESWT_MHT @abuse_ch @cocaman @malwrhunterteam @FBussoletti @guelfoweb @fr0s7_ @ffforward @Jan0fficial @sugimu_sec @VK_Intel Similar #CobaltStrike domain seen earlier this week: https://t.co/smAOxYkiyH

James_inthe_box: @HackDefendr @ItsReallyNick It's been very busy since #emotet died.

James_inthe_box: @ViriBack Kinda busy dropper: https://t.co/kiDVQAYQdd https://t.co/wEDjLzWdC6

James_inthe_box: @ViriBack Dropped by the small exe from here: https://t.co/lt4AZA7lA3 https://t.co/uAiHMbQLv5

James_inthe_box: @ViriBack 🤔 https://t.co/yKiwzMyIIx

James_inthe_box: @EliasEliasjorel @Lokesh42651261 @krabsonsecurity @JAMESWT_MHT @malwrhunterteam @VK_Intel @anyrun_app cc @FBI

pmelson: @th3cyF0x I’ve been calling em Ghostbusters https://t.co/UXsK4MlfxE

pmelson: @andrewsmhay I’m so sorry man. 😢

pmelson: @d0rkph0enix @Drizly That Knob Creek 12yr cask strength is so good! I think I’ll join you. Cheers! https://t.co/Vhmxs3QSLi

pmelson: @AreTillery If they’re nopales, then it’s a bloodless tacoup. 😇🌮

pmelson: @KyleTDavis1 Brake cleaner would work, but you’re putting hydrocarbons on your skin, so not better. This stuff (below) is the best at getting the oils off skin quickly and effectively. It was originally invented for decontaminating skin and fabric exposed to radioactive fallout. https://t.co/7buyRYZwTu

demonslay335: @vineetsihag11 @Microsoft @Windows @emsisoft New Djvu. Read the FAQ: https://t.co/NORSVwykGo

demonslay335: @fbgwls245 Tries to kill @cyb3rops' Raccine, don't see that too often. https://t.co/Vfs9mK5gga

demonslay335: @fbgwls245 @BleepinComputer @Amigo_A_ @siri_urz @malwrhunterteam @JAMESWT_MHT #decryptable

demonslay335: @hqUISqtQE0D3BiO New Djvu. Read the FAQ... https://t.co/NORSVwykGo

hackerfantastic: @matthew_d_green Good source of protein. Don't be shy, try a few.

Cyb3rWard0g: @Lee_Holmes @ianhellen @rodtrent @mybinderteam BinderHub integration and Google Colab is 🔥🔥 https://t.co/WbZdTnv8VV

Cyb3rWard0g: @Lee_Holmes @ianhellen @rodtrent Let's add that to our to-do list 😂 Happy to help w/ the migration if this concept makes sense for #msticpy docs & blog. Maybe we start w/ blog only. I ❤️ the GitHub integration to open issues in case readers following the content of the blog have any issues w/ the library 😉 https://t.co/kQonOJhzJ7

Cyb3rWard0g: @Lee_Holmes @ianhellen @rodtrent Agreed. It is time to make the change to GitHub pages with a Jupyter-book backend 😉 Most of the content in #msticpy blogs is to show its functionality and it would be great to make the content in the blogs more interactive 🚀 Example: https://t.co/37XecS0ion

Cyb3rWard0g: @Mrtn9 @KovertNO Thank you @Mrtn9 ! 🍻 Never thought I would ever get sponsors when I started my open source journey a few years ago ♥️ it means a lot! https://t.co/qaT89s8BDo

VK_Intel: ...and top active Russian-language forum Exploit bans ransomware & locker business officially due to the "unnecessary attention"... Bravo! I feel like it is yet another New Year's gift! As from my RSAC presentation in 2017, ransomware is an "[i]intellectual [d]eath” by INC." https://t.co/vYV174SpGG https://t.co/U5un1WFkbl

VK_Intel: [Breaking Blog]🆕 "From Dawn to "Silent Night": "#DarkSide #Ransomware" Initial Attack Vector Evolution" | Microsoft Exchange 🔥Alliance with #Zloader aka “Silent Night” botnet group Confirmed: ⭐️Zloader Sub-Botnet ➡️ Cobalt Strike ➡️ DarkSide Ransomware https://t.co/b08YxHIR45 https://t.co/jlC0PvRJ7U

VK_Intel: Blog incoming on unique discovery on #DarkSide ransomware🔥 "Silent Night in the Dark..." 😉 Stay tuned https://t.co/Xc4ICqbPKJ

VK_Intel: @grep_security It will certainly not deter criminals from profiting from the most lucrative crimeware business ie, ransomware. Underground forums play only a part in their business model. The majority of the recruitment/locker business happens on decentralized TOX/Jabber anyway 😉

DrunkBinary: @selenalarson My condolences for you and yours in this time of grief. Let me know if we can do anything for you.

DrunkBinary: @Arkbird_SOLG Yeah, that looks like a piece of Turla after IronPython is deployed. Not sure if it's the NetInjector piece or ComRAT.

Arkbird_SOLG: #ATM Interesting to see that #DispCashBR continue to be used, recent samples in April-May 2021, I take the opportunity for share the yara rule: sample: https://t.co/V9pS74buo8 Yara rule: https://t.co/y6o89K0Gzn cc @Bank_Security @BushidoToken @c3rb3ru5d3d53c

KorbenD_Intel: @kpyke in and passcode accepted but nothing but dead air, not even hold music

KorbenD_Intel: @James_inthe_box @hacks4pancakes pcanywhere.doc.exe

KorbenD_Intel: http[:]//139.59.98[.]26/c.hta http[:]//139.59.98[.]26/kiba.txt http[:]//139.59.98[.]26/text http[:]//139.59.98[.]26/text2 etc

ShadowChasing1: interesting lnk implant which be uploaded from India ITW:fa43e8e14a13291f2ff53a50ae362168 filename:Cir-Bfg-Int-May21-Summary. zip URL: hxxps://ikiranastore.com/images/files/ist/doc/Cir-Bfg-Int.docx hxxps://ikiranastore.com/images/files/ist/doc/ https://t.co/AEEbmENMCL

ShadowChasing1: @Manu_De_Lucia yep sir ;-) have a nice day of huting

ShadowChasing1: @Manu_De_Lucia https://t.co/xiRgmDsTRy

ShadowChasing1: Today our reseachers have found implant which belongs to #Lazarus #APT group ITW:648dea285e282467c78ac184ad98fd77 filename:general_motors_cars.doc next period url:hxxps://allgraphicart.com/logo.png https://t.co/YnQDvBnOQX

ItsReallyNick: @tylabs They’re that wrong kind of famous.

ItsReallyNick: @cglyer @arekfurt 🍋 https://t.co/XU3Qxcrkm6

ItsReallyNick: @mattifestation De-obfuscation challenges us to ask bold questions, like: “Will DBO tell me what this script is doing?” and “Wait, are people actually using Invoke-CradleCrafter?” https://t.co/5hOXZM8V5t

ItsReallyNick: @mattifestation De-obfuscation isn’t only needed for things that are obviously fractured. Simplifying, standardizing, and understanding what cannot change is an art. De-obfuscation teaches us that reliably putting things back together should be celebrated. It asks us: what cannot be mended?

cyberwar_15: #북한 #NorthKorea 아직은 말할 수 없다! https://t.co/ohqjTRTTMo

cyberwar_15: #북한 #NorthKorea 북한 사이버 공작원의 진술? 자백? 진실은 알 수 없지만 말입니다. https://t.co/aYqtQHEcxB

cyberwar_15: #북한 #NorthKorea #Android 북한 사이버 공작원이 안드로이드 스마트폰 이용자 대상으로 공격을 시도하는 정황이 포착됐습니다. 긴급히 조사에 착수한 상태입니다. 안드로이드 갤럭시 스마트폰 이용자들이 공격 표적에 노출되고 있습니다. https://t.co/C0Z5C4Hx4M

cyberwar_15: #북한 #NorthKorea #탈륨 #Thallium 북한 사이버 공작원이 어제까지도 한국인터넷진흥원(KISA)을 사칭해 국내외 언론사 기자를 상대로 공격을 수행하고 있었습니다. 키사에서는 해당 공격을 수신한 잠재적 피해자들 상대로 주의 안내를 전달하고 있습니다. https://t.co/5pnbsZPqsq https://t.co/kF8Kty4vGx

cyberwar_15: https://t.co/XMdjWMs76p

Manu_De_Lucia: @ShadowChasing1 a tweet almost at the same time for secs 😄

Manu_De_Lucia: #Lazarus #APT General Motors themed weaponized doc (648dea285e282467c78ac184ad98fd77). mavinject to code-inject into explorer.(5bc9e1ae539728e7568e3f149c2da61b). 20210428 compiled version probably focused to lower the detection rates (5/68) compared to implants compiled on March.

DeadlyLynn: @ShadowChasing1 https://t.co/OLfL6MHoKo

58_158_177_102: @__kokumoto 世の中で広く使われているクラウドサービスでもいきなり出力条件変えたりとか、出力値変えたりとか。。。(毎日運用しているから気付けて、問い合わせして初めて変更がわかる) オンプレでもあるのですが、ログ周りを変えることについての重大さをメーカーは認識不足してほしいですね

58_158_177_102: この前のs社の件でstable版(機能追加&削除されないバグfixのみ)を提供するクラウドができて、サポート切れでマイグレするような変な文化ができるんじゃないか、と冗談みたいに考えたけれど、クラウドベンダーの質がこれだと本当に顧客が要望しそうだ

58_158_177_102: 某クラウドサービスがアップデートで監視中のログのカラムを無告知で消した そこが使われているとは思いませんでした、っていう理由も許せないし、使っていなくても取り込みログ処理で真ん中のカラム抜けるのは致命的な問題を引き起こすかも、と考えていないのも許せない 意識低すぎる。。。

58_158_177_102: 昼ラー 今週会議ばかりだし、何なら来週から会議増えたし、ファシリテイトする必要もでてきた https://t.co/J3tFmx5Ifp

issuemakerslab: North Korea's RGB-D5 attacked certain targets using a paper titled "Perception about North Korea policy of Security Advisors of Biden administration." https://t.co/1vfYrO9KgC

issuemakerslab: North Korea's RGB-D5 attacked certain targets using a paper titled "China's Changes in Foreign Strategy during the Xi Jinping Period and Effects on Policy on the Korean Peninsula." https://t.co/ePC1OxC17p

issuemakerslab: DPRK's RGB-D5 used a paper titled "An Analysis on the Nuclear Strategy of North Korea with Strategic Weapons" to launch spear-phishing attacks on certain targets. https://t.co/jXvk8qE6Ti

issuemakerslab: North Korea's RGB-D5 attacked certain targets using receipts from the Disaster Relief Association's payment of COVID-19 donations. https://t.co/jQwUYsI3lo

issuemakerslab: North Korea's RGB-D5 launched spear-phishing attacks using a document about an analysis report of 6th conference of secretaries of "party cells" of Workers' Party of North Korea. https://t.co/ATEoGZwEe7

IntezerLabs: Check third party software for backdoors with Intezer Protect. ✔️ Immediate visibility over all code running in your cloud ✔️ Verify no malicious code was implanted in your systems ✔️ Detect malicious code & unauthorized applications Try it for free https://t.co/coq0mxqYEF https://t.co/UCUMWgcWgJ

IntezerLabs: From AWS Shield to Security Hub we highlight 🖐️✌️security tools for your cloud-hosted applications https://t.co/yIp7L6Y35r

IntezerLabs: Detect and respond to cloud attacks with our award-winning threat detection technology. Try Intezer Protect for free on 10 hosts https://t.co/HCnO3pPoZw https://t.co/Pzt2gH2fBa

IntezerLabs: 🆕 low detected (1/68 in VT) #Windows #RAT with screenshot, shell, and #keylogger functionality. 0c5c25f2aa5709498548692a3c4db799 https://t.co/iYXo05PZxa 🔥🔥 https://t.co/jhDW2aDD84

IntezerLabs: Accelerate investigation and response time with a next-gen malware analysis platform and @Siemplify SOAR https://t.co/W8I1ljKeMT https://t.co/yjk9fdCoeM

aboutsecurity: @fletusposton @bettersafetynet @shortxstack @ecideevhal @flakpaket @gabsmashh @HeatherMahalik @Infosec_Taylor @J_Fox @kim_crawley @likethecoins @TimMedin @markaorlando @jorgeorchilles @PhilHagen @The_StarHack3r @RayRedacted @SecHubb @teddemop @Unix_Guru Thank you sir! Have a great weekend!

aboutsecurity: Cyber defense is all about ‘time’. How fast can you detect and react to the precursors of a #ransomware attack? Sometimes activity can be spotted weeks before the actual detonation of the samples. Check out how fast #Darkside samples will encrypt in @ChristiaanBeek demo ⬇️ https://t.co/p9Qgi4x1uV

aboutsecurity: At $30M, this is a VERY expensive pentest report. One that will probably show unpatched systems on your DMZ, RDP exposed with weak creds & vulnerable apps among others. Time to review the efficacy of your Security Architecture? #DarkSide #ransomware via @briankrebs @Intel471Inc https://t.co/7k0lGAkGL9

aboutsecurity: @SecurityMapper @wiredd_j @SANSDefense @SecHubb https://t.co/jFluwJJGOM

kyleehmke: Suspicious domain androidsensorfirmware[.]net was registered through Njalla on 5/11 and is hosted on a dedicated server at 45.61.137[.]121. https://t.co/3v33kJYVGg

kyleehmke: The com-validate[.]site domain also identifies registrant secures[.]email[.]mail@mail[.]ru, which was used for previously identified UNC1151 domain google-com[.]online. H/t @DomainTools https://t.co/fX10GcWqkQ

kyleehmke: Most likely UNC1151 domains com-verify[.]site (Cloudflare) and com-validate[.]site (94.103.80[.]124) were registered separately on 5/12. In @ThreatConnect: https://t.co/oQ1fM0Fcr2 https://t.co/gDTzhsGm48

Hexacorn: @BlackMatter23 @SwiftOnSecurity it's not "it's DNS" anymore it's "it's @SwiftOnSecurity" ;)

JCyberSec_: 2️⃣ This isn't the first time this TTP has been utilised. https://t.co/k5MjxNfCMn

JCyberSec_: Here is a sample of the traffic. 📊 ⚠️Each redirect is different - this is how these redirect scam networks operate. 🌐https://t.co/rh99TPKEjC https://t.co/zjZTDR4rtq

JCyberSec_: 📸How the scam works:📊 Scammers comprise or create a Google account⚠️ Creates a document lure with an interesting title - the title appears in the notification📄 Shares the document with a list of email addresses📨 A pop-up notification appears on a users mobile phone📲

JCyberSec_: 💥📢 The Google drive notification scam is still ongoing ⬇️ 🔍Currently using explicit document names and content to redirect users through a monetary redirect chain landing on a fake 'dirty tiktok' site 👀 https://t.co/Wvwafz4Trh

JCyberSec_: @GossiTheDog @AndrewPRLevi Hey @AndrewPRLevi - you know you've made a mistake when @GossiTheDog gets involved. Delete the tweet my friend and the cyber folks will depart to find other fake news to quash. ❌That is NOT a scam ❌Those are NOT fake links Get vaccinated 💉🎉

nullcookies: Needs improvement. https://t.co/tDPC2xrDva

nullcookies: A pivotal moment. I remember watching this as a kid and realizing there was a new world to explore, made accessible by the PSTN. I felt awe and wonder. https://t.co/quc2ax3WPG

nullcookies: @EndlessWunder I hope you see an excellent return on your investment. : )

nullcookies: @Shadow0pz Bought. : )

nullcookies: @The_Mi_ke @blackroomsec Added to my bag and went 3x long. Hope I guessed the floor properly.

campuscodi: The Google Kubernetes Engine security bulletins have moved https://t.co/00Js4Y8ABc https://t.co/GJAcOWB4Hu

campuscodi: -The group began targeting ride-hailing services in 2019, but then switched to food delivery services in 2020, due to COVID-19 -While they used IDs from different sources, some were also acquired from the dark web, per court documents https://t.co/37iGEZoGV1

campuscodi: -The group coordinated via a WhatsApp group named "Mafia" (out of all things) -The group also made profits via the site' driver referral programs -Here's a screenshot of one of the members earning $194,800 on DoorDash 🤡 https://t.co/0XZAUAkWKh

campuscodi: A Brazilian gang operating in the US defrauded Uber, Lyft, and DoorDash by using stolen IDs to register driver accounts and then used GPS spoofing to get better rates for longer riders/shorter/faster deliveries https://t.co/XRrRJBYS98 https://t.co/bTfDRfMfOP

campuscodi: @YoMa_CP Exploit

424f424f: @n00bRage BadBlood 2.0?

424f424f: @TriciaKicksSaaS Got the whole house set at haverty's years back. Great stuff. It's all in my garage for sale now. Wouldnt fit up the damned stairs at the new house lol

424f424f: @TriciaKicksSaaS I have that SAME buffet lol

lazyactivist192: @malindalowery At the very least, they need a serious overhaul to their business continuity plan. 7-14 days until service resume for critical infrastructure is unacceptable

lazyactivist192: @malindalowery Honestly, might get service faster if I loaded up a van and drove it down

lazyactivist192: @malindalowery Aww :( , I wish. Apparently Colonial Pipeline had backups and were able to restore from backups, so hopefully service should get restored soon.

lazyactivist192: And ryuk, can't forget ryuk https://t.co/Ut2GwmO7oW

FewAtoms: #malware #opendir #infosecurity #threathunting #cybersecurity hxxp://3.36.53.50/dose/ https://t.co/vAZhPuBLfM https://t.co/rzBfaxTNhW

reecdeep: #Malware #SnakeKeylogger targets #italy 🇮🇹 "Si prega di completare l'ordine" MD5: BA02434131D06B324C4E0EF45FE5E586 🔥c2 info@aruscomext.com smtp.[aruscomext.[com #infosec #CyberSecurity #cybercrime #Security @guelfoweb @VirITeXplorer @58_158_177_102 @D3LabIT @matte_lodi https://t.co/Av28gpG1LY

reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLibrary.pdf hxxps://cdn.discordapp.com/attachments/841906355832750103/841906424308957214/Asyn_gracet.exe 🔥c2: sipex2021.[ddns[.net:9476 #CyberSecurity https://t.co/v04VO1t4Gr

reecdeep: @guelfoweb @D3LabIT @VirITeXplorer @merlos1977 @matte_lodi @1t1sNobody @_odisseus @Manu_De_Lucia @luigi_martire94 @vxsh4d0w @rootella_ @FBussoletti @58_158_177_102 @sugimu_sec @JRoosen @James_inthe_box @lazyactivist192 @andpalmier @fumik0_ @pmmkowalczyk @malware_traffic @fr0s7_

luc4m: @GEI_MC @malwrhunterteam Nice! Any samples?

3xp0rtblog: @0x7fff9 @Abjuri5t @Amigo_A_ @Arkbird_SOLG @Arkbird_SOLG @Bank_Security @BleepinComputer @JAMESWT_MHT @JRoosen @James_inthe_box @Jan0fficial @LawrenceAbrams @ViriBack @Xylit0l @campuscodi @fumik0_ @hasherezade @hexlax @luc4m @malwrhunterteam @pmelson @siri_urz @struppigel

3xp0rtblog: Osiris was also known by another name as Kronos. Kronos was just rebranded to Osiris with the same functionality. For a period of Osiris selling were many campaigns targeting Germany, Japan, and Poland. Due to these campaigns, they pretty much turned attention to themselves.

3xp0rtblog: Osiris Banking Trojan was closed on 7 March 2021 after 7 years. Should remind that earlier Osiris took a long pause and reopened selling on 13 August 2020. The last large attack with using Osiris was in the period between January 15 and 20, 2021 on German customers. https://t.co/ptXOr5iasn

----Vulners.com High Sev. Last 3 Days----

CVSS: 6.8 GNU C Library vulnerabilities

CVSS: 7.5 SonicWall SMA 100 Series 10.x Firmware Zero-Day Vulnerability

CVSS: 6.5 Chamilo LMS 1.11.14 Remote Code Execution

CVSS: 7.8 (RHSA-2021:1560) Moderate: Red Hat AMQ Streams 1.6.4 release and security update

CVSS: 7.5 AWStats vulnerabilities

CVSS: 10.0 ZeroShell 3.9.0 Remote Command Execution

CVSS: 7.6 Microsoft Internet Explorer 8/11 Use-After-Free

CVSS: 7.6 Firefox 72 IonMonkey JIT Type Confusion

CVSS: 10.0 Get patching! Wormable Windows flaw headlines Patch Tuesday

CVSS: 6.8 ExifTool DjVu ANT Perl Injection

----NVD Last 3 Days----

CVE#: CVE-2021-32073 Published Date: 2021-05-15 CVSS: NO CVSS Description: DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.

CVE#: CVE-2020-16632 Published Date: 2021-05-15 CVSS: NO CVSS Description: A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.

CVE#: CVE-2021-33034 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

CVE#: CVE-2021-33033 Published Date: 2021-05-14 CVSS: NO CVSS Description: The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.

CVE#: CVE-2019-25044 Published Date: 2021-05-14 CVSS: NO CVSS Description: The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.

CVE#: CVE-2021-3402 Published Date: 2021-05-14 CVSS: NO CVSS Description: An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4

CVE#: CVE-2021-32054 Published Date: 2021-05-14 CVSS: NO CVSS Description: Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser.

CVE#: CVE-2021-27737 Published Date: 2021-05-14 CVSS: NO CVSS Description: Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.

CVE#: CVE-2021-22866 Published Date: 2021-05-14 CVSS: NO CVSS Description: A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but in certain circumstances, if the user revisits the authorization flow after the GitHub App has configured additional user-level permissions, those additional permissions may not be shown, leading to more permissions being granted than the user potentially intended. This vulnerability affected GitHub Enterprise Server 3.0.x prior to 3.0.7 and 2.22.x prior to 2.22.13. It was fixed in versions 3.0.7 and 2.22.13. This vulnerability was reported via the GitHub Bug Bounty program.

CVE#: CVE-2020-27833 Published Date: 2021-05-14 CVSS: NO CVSS Description: A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to the command `oc image extract`. If a symbolic link is first created pointing within the tarball, this allows further symbolic links to bypass the existing path check. This flaw allows the tarball to create links outside the tarball's parent directory, allowing for executables or configuration files to be overwritten, resulting in arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions up to and including openshift-clients-4.7.0-202104250659.p0.git.95881af are affected.

CVE#: CVE-2020-24119 Published Date: 2021-05-14 CVSS: NO CVSS Description: A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect.

CVE#: CVE-2021-3537 Published Date: 2021-05-14 CVSS: NO CVSS Description: A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

CVE#: CVE-2021-29619 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments (e.g., discovered via fuzzing) to `tf.raw_ops.SparseCountSparseOutput` results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29618 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Passing a complex argument to `tf.transpose` at the same time as passing `conjugate=True` argument results in a crash. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29617 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via `CHECK`-fail in `tf.strings.substr` with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29616 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplify(https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29615 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `ParseAttrValue`(https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/framework/attr_value_util.cc#L397-L453) can be tricked into stack overflow due to recursion by giving in a specially crafted input. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29614 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.io.decode_raw` produces incorrect results and crashes the Python interpreter when combining `fixed_length` and wider datatypes. The implementation of the padded version(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/tensorflow/core/kernels/decode_padded_raw_op.cc) is buggy due to a confusion about pointer arithmetic rules. First, the code computes(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/tensorflow/core/kernels/decode_padded_raw_op.cc#L61) the width of each output element by dividing the `fixed_length` value to the size of the type argument. The `fixed_length` argument is also used to determine the size needed for the output tensor(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/tensorflow/core/kernels/decode_padded_raw_op.cc#L63-L79). This is followed by reencoding code(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/tensorflow/core/kernels/decode_padded_raw_op.cc#L85-L94). The erroneous code is the last line above: it is moving the `out_data` pointer by `fixed_length * sizeof(T)` bytes whereas it only copied at most `fixed_length` bytes from the input. This results in parts of the input not being decoded into the output. Furthermore, because the pointer advance is far wider than desired, this quickly leads to writing to outside the bounds of the backing data. This OOB write leads to interpreter crash in the reproducer mentioned here, but more severe attacks can be mounted too, given that this gadget allows writing to periodically placed locations in memory. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29613 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29612 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of `tf.raw_ops.BandedTriangularSolve`. The implementation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L269-L278) calls `ValidateInputTensors` for input validation but fails to validate that the two tensors are not empty. Furthermore, since `OP_REQUIRES` macro only stops execution of current function after setting `ctx->status()` to a non-OK value, callers of helper functions that use `OP_REQUIRES` must check value of `ctx->status()` before continuing. This doesn't happen in this op's implementation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L219), hence the validation that is present is also not effective. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29611 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseReshape` results in a denial of service based on a `CHECK`-failure. The implementation(https://github.com/tensorflow/tensorflow/blob/e87b51ce05c3eb172065a6ea5f48415854223285/tensorflow/core/kernels/sparse_reshape_op.cc#L40) has no validation that the input arguments specify a valid sparse tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3, as these are the only affected versions.

CVE#: CVE-2021-29610 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument:. The validation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses `||` to mix two different conditions. If `axis_ < -1` the condition in `OP_REQUIRES` will still be true, but this value of `axis_` results in heap underflow. This allows attackers to read/write to other data on the heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29609 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_add_op.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29608 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit an undefined behavior if input arguments are empty. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple `DCHECK` validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29607 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_sparse_binary_op_shared.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29606 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/lite/kernels/split_v.cc#L99). If `axis_value` is not a value between 0 and `NumDimensions(input)`, then the `SizeOfDimension` function(https://github.com/tensorflow/tensorflow/blob/102b211d892f3abc14f845a72047809b39cc65ab/tensorflow/lite/kernels/kernel_util.h#L148-L150) will access data outside the bounds of the tensor shape array. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29605 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating `TFLiteIntArray`s is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can craft a model such that the `size` multiplier is so large that the return value overflows the `int` datatype and becomes negative. In turn, this results in invalid value being given to `malloc`(https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L47-L52). In this case, `ret->size` would dereference an invalid pointer. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29604 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/hashtable_lookup.cc#L114-L115) An attacker can craft a model such that `values`'s first dimension would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29603 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of `ArgMin`/`ArgMax`(https://github.com/tensorflow/tensorflow/blob/102b211d892f3abc14f845a72047809b39cc65ab/tensorflow/lite/kernels/arg_min_max.cc#L52-L59). If `axis_value` is not a value between 0 and `NumDimensions(input)`, then the condition in the `if` is never true, so code writes past the last valid element of `output_dims->data`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29602 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/depthwise_conv.cc#L287-L288). An attacker can craft a model such that `input`'s fourth dimension would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29601 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc#L70-L76). An attacker can craft a model such that the dimensions of one of the concatenation input overflow the values of `int`. TFLite uses `int` to represent tensor dimensions, whereas TF uses `int64`. Hence, valid TF models can trigger an integer overflow when converted to TFLite format. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29600 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `OneHot` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/f61c57bd425878be108ec787f4d96390579fb83e/tensorflow/lite/kernels/one_hot.cc#L68-L72). An attacker can craft a model such that at least one of the dimensions of `indices` would be 0. In turn, the `prefix_dim_size` value would become 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29599 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `Split` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.cc#L63-L65). An attacker can craft a model such that `num_splits` would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29598 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SVDF` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/7f283ff806b2031f407db64c4d3edcda8fb9f9f5/tensorflow/lite/kernels/svdf.cc#L99-L102). An attacker can craft a model such that `params->rank` would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29597 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/412c7d9bb8f8a762c5b266c9e73bfa165f29aac8/tensorflow/lite/kernels/space_to_batch_nd.cc#L82-L83). An attacker can craft a model such that one dimension of the `block` input is 0. Hence, the corresponding value in `block_shape` is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29596 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `EmbeddingLookup` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/e4b29809543b250bc9b19678ec4776299dd569ba/tensorflow/lite/kernels/embedding_lookup.cc#L73-L74). An attacker can craft a model such that the first dimension of the `value` input is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29595 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/depth_to_space.cc#L63-L69). An attacker can craft a model such that `params->block_size` is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29594 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution code(https://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc) has multiple division where the divisor is controlled by the user and not checked to be non-zero. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29593 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/b5ed552fe55895aee8bd8b191f744a069957d18d/tensorflow/lite/kernels/batch_to_space_nd.cc#L81-L82). An attacker can craft a model such that one dimension of the `block` input is 0. Hence, the corresponding value in `block_shape` is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29592 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209) missed the case when the target shape of `Reshape` operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability(https://github.com/tensorflow/tensorflow/blob/9c1dc920d8ffb4893d6c9d27d1f039607b326743/tensorflow/lite/core/subgraph.cc#L1062-L1074) allowed passing a null-buffer-backed tensor with a 1D shape. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29591 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For example, the `While` implementation(https://github.com/tensorflow/tensorflow/blob/106d8f4fb89335a2c52d7c895b7a7485465ca8d9/tensorflow/lite/kernels/while.cc) could be tricked into a scneario where both the body and the loop subgraphs are the same. Evaluating one of the subgraphs means calling the `Eval` function for the other and this quickly exhaust all stack space. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. Please consult our security guide(https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.

CVE#: CVE-2021-29590 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting implementation(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/maximum_minimum.h#L52-L56) indexes in both tensors with the same index but does not validate that the index is within bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29589 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/reference_ops.h#L966). An attacker can craft a model such that `params` input would be an empty tensor. In turn, `params_shape.Dims(.)` would be zero, in at least one dimension. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29588 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the `TransposeConv` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L5221-L5222). An attacker can craft a model such that `stride_{h,w}` values are 0. Code calling this function must validate these arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29587 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division(https://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/space_to_depth.cc#L63-L67). An attacker can craft a model such that `params->block_size` would be zero. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29586 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling `ComputePaddingHeightWidth`(https://github.com/tensorflow/tensorflow/blob/3f24ccd932546416ec906a02ddd183b48a1d2c83/tensorflow/lite/kernels/pooling.cc#L90). Since users can craft special models which will have `params->stride_{height,width}` be zero, this will result in a division by zero. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29585 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, `ComputeOutSize`(https://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.h#L43-L55), does not check that the `stride` argument is not 0 before doing the division. Users can craft special models such that `ComputeOutSize` is called with `stride` set to 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29584 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in caused by an integer overflow in constructing a new tensor shape. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/0908c2f2397c099338b901b067f6495a5b96760b/tensorflow/core/kernels/sparse_split_op.cc#L66-L70) builds a dense shape without checking that the dimensions would not result in overflow. The `TensorShape` constructor(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when `InitDims`(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29583 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that `scale`, `offset`, `mean` and `variance` (the last two only when required) all have the same number of elements as the number of channels of `x`. This results in heap out of bounds reads when the buffers backing these tensors are indexed past their boundary. If the tensors are empty, the validation mentioned in the above paragraph would also trigger and prevent the undefined behavior. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29582 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.Dequantize`, an attacker can trigger a read from outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/26003593aa94b1742f34dc22ce88a1e17776a67d/tensorflow/core/kernels/dequantize_op.cc#L106-L131) accesses the `min_range` and `max_range` tensors in parallel but fails to check that they have the same shape. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29581 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation faults. The implementation(https://github.com/tensorflow/tensorflow/blob/a74768f8e4efbda4def9f16ee7e13cf3922ac5f7/tensorflow/core/kernels/ctc_decoder_ops.cc#L68-L79) fails to detect cases when the input tensor is empty and proceeds to read data from a null buffer. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29580 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a `CHECK` condition becomes false and aborts the process. The implementation(https://github.com/tensorflow/tensorflow/blob/169054888d50ce488dfde9ca55d91d6325efbd5b/tensorflow/core/kernels/fractional_max_pool_op.cc#L215) fails to validate that input and output tensors are not empty and are of the same rank. Each of these unchecked assumptions is responsible for the above issues. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29579 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/ab1e644b48c82cb71493f4362b4dd38f4577a1cf/tensorflow/core/kernels/maxpooling_op.cc#L194-L203) fails to validate that indices used to access elements of input/output arrays are valid. Whereas accesses to `input_backprop_flat` are guarded by `FastBoundsCheck`, the indexing in `out_backprop_flat` can result in OOB access. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29578 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/dcba796a28364d6d7f003f6fe733d82726dda713/tensorflow/core/kernels/fractional_avg_pool_op.cc#L216) fails to validate that the pooling sequence arguments have enough elements as required by the `out_backprop` tensor shape. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29577 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/d80ffba9702dc19d1fac74fc4b766b3fa1ee976b/tensorflow/core/kernels/pooling_ops_3d.cc#L376-L450) assumes that the `orig_input_shape` and `grad` tensors have similar first and last dimensions but does not check that this assumption is validated. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29576 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L694-L696) does not check that the initialization of `Pool3dParameters` completes successfully. Since the constructor(https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L48-L88) uses `OP_REQUIRES` to validate conditions, the first assertion that fails interrupts the initialization of `params`, making it contain invalid data. In turn, this might cause a heap buffer overflow, depending on default initialized values. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29575 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service. The implementation(https://github.com/tensorflow/tensorflow/blob/5b3b071975e01f0d250c928b2a8f901cd53b90a7/tensorflow/core/kernels/reverse_sequence_op.cc#L114-L118) fails to validate that `seq_dim` and `batch_dim` arguments are valid. Negative values for `seq_dim` can result in stack overflow or `CHECK`-failure, depending on the version of Eigen code used to implement the operation. Similar behavior can be exhibited by invalid values of `batch_dim`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29574 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The implementation(https://github.com/tensorflow/tensorflow/blob/72fe792967e7fd25234342068806707bbc116618/tensorflow/core/kernels/pooling_ops_3d.cc#L679-L703) fails to validate that the 3 tensor inputs are not empty. If any of them is empty, then accessing the elements in the tensor results in dereferencing a null pointer. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29573 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation(https://github.com/tensorflow/tensorflow/blob/279bab6efa22752a2827621b7edb56a730233bd8/tensorflow/core/kernels/maxpooling_op.cc#L1033-L1034) fails to validate that the batch dimension of the tensor is non-zero, before dividing by this quantity. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29572 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation(https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer). The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29571 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of `boxes` input is 4, as required by [the op](https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in `boxes` is less than 4, accesses similar to `tboxes(b, bb, 3)` will access data outside of bounds. Further during code execution there are also writes to these indices. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29570 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/ef0c008ee84bad91ec6725ddc42091e19a30cf0e/tensorflow/core/kernels/maxpooling_op.cc#L1016-L1017) uses the same value to index in two different arrays but there is no guarantee that the sizes are identical. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29569 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/ac328eaa3870491ababc147822cd04e91a790643/tensorflow/core/kernels/requantization_range_op.cc#L49-L50) assumes that the `input_min` and `input_max` tensors have at least one element, as it accesses the first element in two arrays. If the tensors are empty, `.flat()` is an empty object, backed by an empty array. Hence, accesing even the 0th element is a read outside the bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29568 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of `shape`. If `shape` argument is empty, then `shape_tensor.flat()` is an empty array. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29567 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or accesses to outside the bounds of heap allocated data. Since the implementation(https://github.com/tensorflow/tensorflow/blob/38178a2f7a681a7835bb0912702a134bfe3b4d84/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L68-L80) only validates the rank of the input arguments but no constraints between dimensions(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SparseDenseCwiseMul), an attacker can abuse them to trigger internal `CHECK` assertions (and cause program termination, denial of service) or to write to memory outside of bounds of heap allocated tensor buffers. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29566 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for `h_out` and `w_out` are guaranteed to be in range for `out_backprop` (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating `h_in_max`/`w_in_max` and `in_backprop`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29565 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of missing validation(https://github.com/tensorflow/tensorflow/blob/fdc82089d206e281c628a93771336bf87863d5e8/tensorflow/core/kernels/sparse_fill_empty_rows_op.cc#L230-L231) that was covered under a `TODO`. If the `dense_shape` tensor is empty, then `dense_shape_t.vec<>()` would cause a null pointer dereference in the implementation of the op. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29564 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/79865b542f9ffdc9caeb255631f7c56f1d4b6517/tensorflow/core/kernels/edit_distance_op.cc#L103-L159) has incomplete validation of the input parameters. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29563 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29562 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29561 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from `tf.raw_ops.LoadAndRemapMatrix`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) assumes that the `ckpt_path` is always a valid scalar. However, an attacker can send any other tensor as the first argument of `LoadAndRemapMatrix`. This would cause the rank `CHECK` in `scalar()()` to trigger and terminate the process. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29560 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when `parent_output_index` is shorter than `row_split`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29559 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/472c1f12ad9063405737679d4f6bd43094e1d36d/tensorflow/core/kernels/unicode_ops.cc) assumes that the `input_value`/`input_splits` pair specify a valid sparse tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29558 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/699bff5d961f0abfde8fa3f876e6d241681fbef8/tensorflow/core/util/sparse/sparse_tensor.h#L528-L530) accesses an array element based on a user controlled offset. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29557 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in Eigen code because the `b` tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29556 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/36229ea9e9451dac14a8b1f4711c435a1d84a594/tensorflow/core/kernels/reverse_op.cc#L75-L76) performs a division based on the first dimension of the tensor argument. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29555 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/828f346274841fa7505f7020e88ca36c22e557ab/tensorflow/core/kernels/fused_batch_norm_op.cc#L295-L297) performs a division based on the last dimension of the `x` tensor. Since this is controlled by the user, an attacker can trigger a denial of service. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29553 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7b5174aa6bf5e01886e770f/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L237) does not validate the value of user supplied `axis` attribute before using it to index in the array backing the `input` argument. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29552 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a2a607db15c7cd01d754d37e5448d72a13491bdb/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L93) assumes that the `num_segments` tensor is a valid scalar. Since the tensor is empty the `CHECK` involved in `.scalar()()` that checks that the number of elements is exactly 1 will be invalidated and this would result in process termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29551 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29550 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L85-L89) computes a divisor quantity by dividing two user controlled values. The user controls the values of `input_size[i]` and `pooling_ratio_[i]` (via the `value.shape()` and `pooling_ratio` arguments). If the value in `input_size[i]` is smaller than the `pooling_ratio_[i]`, then the floor operation results in `output_size[i]` being 0. The `DCHECK_GT` line is a no-op outside of debug mode, so in released versions of TF this does not trigger. Later, these computed values are used as arguments(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L96-L99) to `GeneratePoolingSequence`(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_pool_common.cc#L100-L108). There, the first computation is a division in a modulo operation. Since `output_length` can be 0, this results in runtime crashing. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29549 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero. Since `vector_num_elements` is determined based on input shapes(https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29548 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract(https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization). The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29547 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc#L176-L189) assumes the inputs are not empty. If any of these inputs is empty, `.flat()` is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29546 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel(https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantization_utils.h#L812-L849) does a division by the number of elements of the smaller input (based on shape) without checking that this is not zero. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29545 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#L66) does a double redirection to access an element of an array allocated on the heap. If the value at `indices(i, 0)` is such that `indices(i, 0) + 1` is outside the bounds of `csr_row_ptr`, this results in writing outside of bounds of heap allocated data. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29544 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the `input_*` tensors. In turn, this results in the tensors being passes as they are to `QuantizeAndDequantizePerChannelGradientImpl`(https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the `vec` method, requires the rank to 1 and triggers a `CHECK` failure otherwise. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 as this is the only other affected version.

CVE#: CVE-2021-29543 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29542 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/tensorflow/core/kernels/string_ngrams_op.cc#L171-L185) fails to consider corner cases where input would be split in such a way that the generated tokens should only contain padding elements. If input is such that `num_tokens` is 0, then, for `data_start_index=0` (when left padding is present), the marked line would result in reading `data[-1]`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29541 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/tensorflow/core/kernels/string_ngrams_op.cc#L67-L74) does not fully validate the `data_splits` argument. This would result in `ngrams_data`(https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/tensorflow/core/kernels/string_ngrams_op.cc#L106-L110) to be a null pointer when the output would be computed to have 0 or negative size. Later writes to the output tensor would then cause a null pointer dereference. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29540 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L495-L497) computes the size of the filter tensor but does not validate that it matches the number of elements in `filter_sizes`. Later, when reading/writing to this buffer, code uses the value computed here, instead of the number of elements in the tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29539 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. If using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.

CVE#: CVE-2021-29538 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor based on user provided data (i.e., the shape of the tensors given as arguments). If all shapes are empty then `work_unit_size` is 0. Since there is no check for this case before division, this results in a runtime exception, with potential to be abused for a denial of service. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29537 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/50711818d2e61ccce012591eeb4fdf93a8496726/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L705-L706) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29536 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a324ac84e573fba362a5e53d4e74d5de6729933e/tensorflow/core/kernels/quantized_reshape_op.cc#L38-L55) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly. However, if any of these tensors is empty, then `.flat()` is an empty buffer and accessing the element at position 0 results in overflow. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29535 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/87cf4d3ea9949051e50ca3f071fc909538a51cd0/tensorflow/core/kernels/quantized_mul_op.cc#L287-L290) assumes that the 4 arguments are always valid scalars and tries to access the numeric value directly. However, if any of these tensors is empty, then `.flat()` is an empty buffer and accessing the element at position 0 results in overflow. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29534 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values specified in `shapes[0]` as dimensions for the output shape. The `TensorShape` constructor(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when `InitDims`(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29533 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty image to `tf.raw_ops.DrawBoundingBoxes`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L148-L165) uses `CHECK_*` assertions instead of `OP_REQUIRES` to validate user controlled inputs. Whereas `OP_REQUIRES` allows returning an error condition back to the user, the `CHECK_*` macros result in a crash if the condition is false, similar to `assert`. In this case, `height` is 0 from the `images` input. This results in `max_box_row_clamp` being negative and the assertion being falsified, followed by aborting program execution. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29532 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments. Each of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29531 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/e312e0791ce486a80c9d23110841525c6f7c3289/tensorflow/core/kernels/image/encode_png_op.cc#L57-L60) only validates that the total number of pixels in the image does not overflow. Thus, an attacker can send an empty matrix for encoding. However, if the tensor is empty, then the associated buffer is `nullptr`. Hence, when calling `png::WriteImageToBuffer`(https://github.com/tensorflow/tensorflow/blob/e312e0791ce486a80c9d23110841525c6f7c3289/tensorflow/core/kernels/image/encode_png_op.cc#L79-L93), the first argument (i.e., `image.flat().data()`) is `NULL`. This then triggers the `CHECK_NOTNULL` in the first line of `png::WriteImageToBuffer`(https://github.com/tensorflow/tensorflow/blob/e312e0791ce486a80c9d23110841525c6f7c3289/tensorflow/core/lib/png/png_io.cc#L345-L349). Since `image` is null, this results in `abort` being called after printing the stacktrace. Effectively, this allows an attacker to mount a denial of service attack. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29530 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholesky`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/kernels/sparse/sparse_cholesky_op.cc#L85-L86) fails to properly validate the input arguments. Although `ValidateInputs` is called and there are checks in the body of this function, the code proceeds to the next line in `ValidateInputs` since `OP_REQUIRES`(https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/framework/op_requires.h#L41-L48) is a macro that only exits the current function. Thus, the first validation condition that fails in `ValidateInputs` will cause an early return from that function. However, the caller will continue execution from the next line. The fix is to either explicitly check `context->status()` or to convert `ValidateInputs` to return a `Status`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29529 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear` by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/44b7f486c0143f68b56c34e2d01e146ee445134a/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L62-L66) computes two integers (representing the upper and lower bounds for interpolation) by ceiling and flooring a floating point value. For some values of `in`, `interpolation->upper[i]` might be smaller than `interpolation->lower[i]`. This is an issue if `interpolation->upper[i]` is capped at `in_size-1` as it means that `interpolation->lower[i]` points outside of the image. Then, in the interpolation code(https://github.com/tensorflow/tensorflow/blob/44b7f486c0143f68b56c34e2d01e146ee445134a/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L245-L264), this would result in heap buffer overflow. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29528 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedMul`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/55900e961ed4a23b438392024912154a2c2f5e85/tensorflow/core/kernels/quantized_mul_op.cc#L188-L198) does a division by a quantity that is controlled by the caller. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29527 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/00e9a4d67d76703fa1aee33dac582acf317e0e81/tensorflow/core/kernels/quantized_conv_ops.cc#L257-L259) does a division by a quantity that is controlled by the caller. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29526 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/988087bd83f144af14087fe4fecee2d250d93737/tensorflow/core/kernels/conv_ops.cc#L261-L263) does a division by a quantity that is controlled by the caller. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29525 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/b40060c9f697b044e3107917c797ba052f4506ab/tensorflow/core/kernels/conv_grad_input_ops.h#L625-L655) does a division by a quantity that is controlled by the caller. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29524 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/496c2630e51c1a478f095b084329acedb253db6b/tensorflow/core/kernels/conv_grad_shape_utils.cc#L130) does a modulus operation where the divisor is controlled by the caller. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29523 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/kernels/sparse_tensors_map_ops.cc#L257) takes the values specified in `sparse_shape` as dimensions for the output shape. The `TensorShape` constructor(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when `InitDims`(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29522 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in a division by 0. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a91bb59769f19146d5a0c20060244378e878f140/tensorflow/core/kernels/conv_grad_ops_3d.cc#L430-L450) does not check that the divisor used in computing the shard size is not zero. Thus, if attacker controls the input sizes, they can trigger a denial of service via a division by zero error. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29521 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from the standard library as `std::vector` invariants are broken. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L199-L213) assumes the first element of the dense shape is always positive and uses it to initialize a `BatchedMap` (i.e., `std::vector>`(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L27)) data structure. If the `shape` tensor has more than one element, `num_batches` is the first value in `shape`. Ensuring that the `dense_shape` argument is a valid tensor shape (that is, all elements are non-negative) solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3.

CVE#: CVE-2021-29520 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/4814fafb0ca6b5ab58a09411523b2193fed23fed/tensorflow/core/kernels/conv_grad_shape_utils.cc#L94-L153) assumes that the `input`, `filter_sizes` and `out_backprop` tensors have the same shape, as they are accessed in parallel. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29519 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a `CHECK`-failure and denial of service. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3d782b7d47b1bf2ed32bd4a246d6d6cadc4c903d/tensorflow/core/kernels/sparse_cross_op.cc#L114-L116) is tricked to consider a tensor of type `tstring` which in fact contains integral elements. Fixing the type confusion by preventing mixing `DT_STRING` and `DT_INT64` types solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29518 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), session operations are invalid. However, users could still call the raw ops associated with them and trigger a null pointer dereference. The implementation(https://github.com/tensorflow/tensorflow/blob/eebb96c2830d48597d055d247c0e9aebaea94cd5/tensorflow/core/kernels/session_ops.cc#L104) dereferences the session state pointer without checking if it is valid. Thus, in eager mode, `ctx->session_state()` is nullptr and the call of the member function is undefined behavior. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29517 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation(https://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/conv_ops_3d.cc#L143-L145) does a modulo operation based on user controlled input. Thus, when `filter` has a 0 as the fifth element, this results in a division by 0. Additionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29516 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of `RaggedTensorToVariant` operations(https://github.com/tensorflow/tensorflow/blob/904b3926ed1c6c70380d5313d282d248a776baa1/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L39-L40) does not validate that the ragged tensor argument is non-empty. Since `batched_ragged` contains no elements, `batched_ragged.splits` is a null vector, thus `batched_ragged.splits(0)` will result in dereferencing `nullptr`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29515 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L195-L197) does not validate that the tensor arguments are non-empty. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2021-29514 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the `splits` tensor buffer in the implementation of the `RaggedBincount` op(https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the `for` loop, `batch_idx` is set to 0. The attacker sets `splits(0)` to be 7, hence the `while` loop does not execute and `batch_idx` remains 0. This then results in writing to `out(-1, bin)`, which is before the heap allocated buffer for the output tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3, as these are also affected.

CVE#: CVE-2021-29513 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array(https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVE#: CVE-2020-27769 Published Date: 2021-05-14 CVSS: NO CVSS Description: In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.

CVE#: CVE-2020-17891 Published Date: 2021-05-14 CVSS: NO CVSS Description: TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU has a XSS vulnerability allowing a remote attacker to execute arbitrary code.

CVE#: CVE-2021-32820 Published Date: 2021-05-14 CVSS: NO CVSS Description: Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extentions (i.e. file.extension) can be included, files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.

CVE#: CVE-2021-32819 Published Date: 2021-05-14 CVSS: NO CVSS Description: Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.

CVE#: CVE-2021-32818 Published Date: 2021-05-14 CVSS: NO CVSS Description: haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application that passes user controlled request objects to the haml-coffee template engine may introduce RCE vulnerabilities. Additionally control over the escapeHtml parameter through template configuration pollution ensures that haml-coffee would not sanitize template inputs that may result in reflected Cross Site Scripting attacks against downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of haml-coffee is currently 1.14.1. For complete details refer to the referenced GHSL-2021-025.

CVE#: CVE-2021-32817 Published Date: 2021-05-14 CVSS: NO CVSS Description: express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extentions (i.e. file.extension) can be included, files that lack an extension will have .hbs appended to them. For complete details refer to the referenced GHSL-2021-019 report. Notes in documentation have been added to help users of express-hbs avoid this potential information exposure vulnerability.

CVE#: CVE-2021-29554 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efff014f3b2d8ef6141da30c806faf141297eca1/tensorflow/core/kernels/count_ops.cc#L123-L127) computes a divisor value from user data but does not check that the result is 0 before doing the division. Since `data` is given by the `values` argument, `num_batch_elements` is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, and TensorFlow 2.3.3, as these are also affected.

CVE#: CVE-2021-29512 Published Date: 2021-05-14 CVSS: NO CVSS Description: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the `splits` tensor buffer in the implementation of the `RaggedBincount` op(https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L433). Before the `for` loop, `batch_idx` is set to 0. The user controls the `splits` array, making it contain only one element, 0. Thus, the code in the `while` loop would increment `batch_idx` and then try to read `splits(1)`, which is outside of bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3, as these are also affected.

CVE#: CVE-2021-32816 Published Date: 2021-05-14 CVSS: NO CVSS Description: ProtonMail Web Client is the official AngularJS web client for the ProtonMail secure email service. ProtonMail Web Client before version 3.16.60 has a regular expression denial-of-service vulnerability. This was fixed in commit 6687fb. There is a full report available in the referenced GHSL-2021-027.

CVE#: CVE-2021-20565 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 199236.

CVE#: CVE-2021-20564 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 199235.

CVE#: CVE-2021-20429 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.

CVE#: CVE-2021-20393 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001.

CVE#: CVE-2021-20392 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE#: CVE-2021-20391 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.

CVE#: CVE-2020-4985 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.

CVE#: CVE-2020-4811 Published Date: 2021-05-14 CVSS: NO CVSS Description: IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.

CVE#: CVE-2020-23691 Published Date: 2021-05-14 CVSS: NO CVSS Description: YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.

CVE#: CVE-2021-25943 Published Date: 2021-05-14 CVSS: NO CVSS Description: Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.

CVE#: CVE-2021-25941 Published Date: 2021-05-14 CVSS: NO CVSS Description: Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

CVE#: CVE-2020-23689 Published Date: 2021-05-14 CVSS: NO CVSS Description: In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.

CVE#: CVE-2020-18167 Published Date: 2021-05-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu".

CVE#: CVE-2020-18166 Published Date: 2021-05-14 CVSS: NO CVSS Description: Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc".

CVE#: CVE-2021-32613 Published Date: 2021-05-14 CVSS: NO CVSS Description: In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

CVE#: CVE-2020-27185 Published Date: 2021-05-14 CVSS: NO CVSS Description: Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service.

CVE#: CVE-2020-27184 Published Date: 2021-05-14 CVSS: NO CVSS Description: The NPort IA5000A Series devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks.

CVE#: CVE-2021-24291 Published Date: 2021-05-14 CVSS: NO CVSS Description: The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)

CVE#: CVE-2021-24287 Published Date: 2021-05-14 CVSS: NO CVSS Description: The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue

CVE#: CVE-2021-24286 Published Date: 2021-05-14 CVSS: NO CVSS Description: The settings page of the Redirect 404 to parent WordPress plugin before 1.3.1 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue

CVE#: CVE-2021-24285 Published Date: 2021-05-14 CVSS: NO CVSS Description: The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL Injection issue.

CVE#: CVE-2021-24284 Published Date: 2021-05-14 CVSS: NO CVSS Description: The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.

CVE#: CVE-2021-24283 Published Date: 2021-05-14 CVSS: NO CVSS Description: The tab GET parameter of the settings page is not sanitised or escaped when being output back in an HTML attribute, leading to a reflected XSS issue.

CVE#: CVE-2021-24282 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For example, an attacker could use wpcf7r_reset_settings to reset the plugin’s settings, wpcf7r_add_action to add actions to a form, and more.

CVE#: CVE-2021-24281 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site.

CVE#: CVE-2021-24280 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the import_from_debug AJAX action to inject PHP objects.

CVE#: CVE-2021-24279 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, low level users, such as subscribers, could use the import_from_debug AJAX action to install any plugin from the WordPress repository.

CVE#: CVE-2021-24278 Published Date: 2021-05-14 CVSS: NO CVSS Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, unauthenticated users can use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.

CVE#: CVE-2021-24277 Published Date: 2021-05-14 CVSS: NO CVSS Description: The RSS for Yandex Turbo WordPress plugin before 1.30 did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues

CVE#: CVE-2021-24195 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24194 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24193 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24192 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24191 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24190 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24189 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2021-24188 Published Date: 2021-05-14 CVSS: NO CVSS Description: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CVE#: CVE-2020-27150 Published Date: 2021-05-14 CVSS: NO CVSS Description: In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” doesn’t set.

CVE#: CVE-2020-27149 Published Date: 2021-05-14 CVSS: NO CVSS Description: By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed.

CVE#: CVE-2021-30183 Published Date: 2021-05-14 CVSS: NO CVSS Description: Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt sensitive values would be written to the logs in plaintext.

CVE#: CVE-2020-27020 Published Date: 2021-05-14 CVSS: NO CVSS Description: Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).

CVE#: CVE-2021-32051 Published Date: 2021-05-14 CVSS: NO CVSS Description: Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.

CVE#: CVE-2021-31922 Published Date: 2021-05-14 CVSS: NO CVSS Description: An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.

CVE#: CVE-2021-33026 Published Date: 2021-05-13 CVSS: NO CVSS Description: The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code.

CVE#: CVE-2021-32615 Published Date: 2021-05-13 CVSS: NO CVSS Description: Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.

CVE#: CVE-2021-31876 Published Date: 2021-05-13 CVSS: NO CVSS Description: Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with nSequence = 0xff_ff_ff_ff, spending an unconfirmed parent with nSequence <= 0xff_ff_ff_fd, should be replaceable because there is inherited signaling by the child transaction. However, the actual PreChecks implementation does not enforce this. Instead, mempool rejects the replacement attempt of the unconfirmed child transaction.

CVE#: CVE-2019-10062 Published Date: 2021-05-13 CVSS: NO CVSS Description: The HTMLSanitizer class in html-sanitizer.ts in all released versions of the Aurelia framework 1.x repository is vulnerable to XSS. The sanitizer only attempts to filter SCRIPT elements, which makes it feasible for remote attackers to conduct XSS attacks via (for example) JavaScript code in an attribute of various other elements. An attacker might also exploit a bug in how the SCRIPT string is processed by splitting and nesting them for example.

CVE#: CVE-2020-23996 Published Date: 2021-05-13 CVSS: NO CVSS Description: A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authenticated attackers to execute arbitrary code via the import of personal data.

CVE#: CVE-2020-23995 Published Date: 2021-05-13 CVSS: NO CVSS Description: An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.

CVE#: CVE-2021-29510 Published Date: 2021-05-13 CVSS: NO CVSS Description: Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either `'infinity'`, `'inf'` or `float('inf')` (or their negatives) to `datetime` or `date` fields causes validation to run forever with 100% CPU usage (on one CPU). Pydantic has been patched with fixes available in the following versions: v1.8.2, v1.7.4, v1.6.2. All these versions are available on pypi(https://pypi.org/project/pydantic/#history), and will be available on conda-forge(https://anaconda.org/conda-forge/pydantic) soon. See the changelog(https://pydantic-docs.helpmanual.io/) for details. If you absolutely can't upgrade, you can work around this risk using a validator(https://pydantic-docs.helpmanual.io/usage/validators/) to catch these values. This is not an ideal solution (in particular you'll need a slightly different function for datetimes), instead of a hack like this you should upgrade pydantic. If you are not using v1.8.x, v1.7.x or v1.6.x and are unable to upgrade to a fixed version of pydantic, please create an issue at https://github.com/samuelcolvin/pydantic/issues requesting a back-port, and we will endeavour to release a patch for earlier versions of pydantic.

CVE#: CVE-2021-29506 Published Date: 2021-05-13 CVSS: NO CVSS Description: GraphHopper is an open-source Java routing engine. In GrassHopper from version 2.0 and before version 2.4, there is a regular expression injection vulnerability that may lead to Denial of Service. This has been patched in 2.4 and 3.0 See this pull request for the fix: https://github.com/graphhopper/graphhopper/pull/2304

CVE#: CVE-2021-27413 Published Date: 2021-05-13 CVSS: NO CVSS Description: Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

CVE#: CVE-2021-23910 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.

CVE#: CVE-2021-23909 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.

CVE#: CVE-2021-23908 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution.

CVE#: CVE-2021-23907 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution.

CVE#: CVE-2021-23906 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.

CVE#: CVE-2021-32925 Published Date: 2021-05-13 CVSS: NO CVSS Description: admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load external entities.

CVE#: CVE-2021-22140 Published Date: 2021-05-13 CVSS: NO CVSS Description: Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web crawler beta feature. Using this vector, an attacker whose website is being crawled by App Search could craft a malicious sitemap.xml to traverse the filesystem of the host running the instance and obtain sensitive files.

CVE#: CVE-2021-22139 Published Date: 2021-05-13 CVSS: NO CVSS Description: Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users.

CVE#: CVE-2021-22138 Published Date: 2021-05-13 CVSS: NO CVSS Description: In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data.

CVE#: CVE-2021-22137 Published Date: 2021-05-13 CVSS: NO CVSS Description: In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.

CVE#: CVE-2021-22136 Published Date: 2021-05-13 CVSS: NO CVSS Description: In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.

CVE#: CVE-2021-22135 Published Date: 2021-05-13 CVSS: NO CVSS Description: Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view.

CVE#: CVE-2021-29623 Published Date: 2021-05-13 CVSS: NO CVSS Description: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4.

CVE#: CVE-2021-32921 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker.

CVE#: CVE-2021-32920 Published Date: 2021-05-13 CVSS: NO CVSS Description: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.

CVE#: CVE-2021-32919 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled).

CVE#: CVE-2021-32918 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.

CVE#: CVE-2021-32917 Published Date: 2021-05-13 CVSS: NO CVSS Description: An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.

CVE#: CVE-2021-21424 Published Date: 2021-05-13 CVSS: NO CVSS Description: Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4.

CVE#: CVE-2021-20535 Published Date: 2021-05-13 CVSS: NO CVSS Description: IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198834.

CVE#: CVE-2021-20221 Published Date: 2021-05-13 CVSS: NO CVSS Description: An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

CVE#: CVE-2021-20181 Published Date: 2021-05-13 CVSS: NO CVSS Description: A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.

CVE#: CVE-2021-3528 Published Date: 2021-05-13 CVSS: NO CVSS Description: A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. An attacker with access to the log files could use this AuthToken to gain additional access into noobaa deployment and can read/modify system configuration.

CVE#: CVE-2021-20025 Published Date: 2021-05-13 CVSS: NO CVSS Description: SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.

CVE#: CVE-2020-28063 Published Date: 2021-05-13 CVSS: NO CVSS Description: A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.

CVE#: CVE-2020-27830 Published Date: 2021-05-13 CVSS: NO CVSS Description: A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

CVE#: CVE-2020-27823 Published Date: 2021-05-13 CVSS: NO CVSS Description: A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVE#: CVE-2020-25713 Published Date: 2021-05-13 CVSS: NO CVSS Description: A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.

CVE#: CVE-2020-21342 Published Date: 2021-05-13 CVSS: NO CVSS Description: Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php.

CVE#: CVE-2020-20092 Published Date: 2021-05-13 CVSS: NO CVSS Description: File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

CVE#: CVE-2021-25693 Published Date: 2021-05-13 CVSS: NO CVSS Description: An attacker may cause a Denial of Service (DoS) in multiple versions of Teradici PCoIP Agent via a null pointer dereference.

CVE#: CVE-2021-20999 Published Date: 2021-05-13 CVSS: NO CVSS Description: In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.

CVE#: CVE-2021-20998 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

CVE#: CVE-2021-20997 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.

CVE#: CVE-2021-20996 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.

CVE#: CVE-2021-20995 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials.

CVE#: CVE-2021-20994 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.

CVE#: CVE-2021-20993 Published Date: 2021-05-13 CVSS: NO CVSS Description: In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.

CVE#: CVE-2021-20988 Published Date: 2021-05-13 CVSS: NO CVSS Description: In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.

CVE#: CVE-2021-20250 Published Date: 2021-05-13 CVSS: NO CVSS Description: A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.

CVE#: CVE-2020-27824 Published Date: 2021-05-13 CVSS: NO CVSS Description: A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.

CVE#: CVE-2020-14354 Published Date: 2021-05-13 CVSS: NO CVSS Description: A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.

CVE#: CVE-2020-12526 Published Date: 2021-05-13 CVSS: NO CVSS Description: TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs.

CVE#: CVE-2021-25694 Published Date: 2021-05-13 CVSS: NO CVSS Description: Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.

CVE#: CVE-2021-26311 Published Date: 2021-05-13 CVSS: NO CVSS Description: In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.

CVE#: CVE-2020-12967 Published Date: 2021-05-13 CVSS: NO CVSS Description: The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.

CVE#: CVE-2021-22154 Published Date: 2021-05-13 CVSS: NO CVSS Description: An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially gain access to a victim's web history.

CVE#: CVE-2021-22153 Published Date: 2021-05-13 CVSS: NO CVSS Description: A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.

CVE#: CVE-2021-22152 Published Date: 2021-05-13 CVSS: NO CVSS Description: A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections.

CVE#: CVE-2021-20331 Published Date: 2021-05-13 CVSS: NO CVSS Description: Specific versions of the MongoDB C# Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when commands such as "saslStart", "saslContinue", "isMaster", "createUser", and "updateUser" are executed. Without due care, an application may inadvertently expose this authenticated-related information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects the MongoDB C# Driver 2.12 <= 2.12.1.

CVE#: CVE-2021-31215 Published Date: 2021-05-13 CVSS: NO CVSS Description: SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.

CVE#: CVE-2021-28799 Published Date: 2021-05-13 CVSS: NO CVSS Description: An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 .

CVE#: CVE-2020-36198 Published Date: 2021-05-13 CVSS: NO CVSS Description: A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP Systems Inc. Malware Remover 3.x.

CVE#: CVE-2020-36197 Published Date: 2021-05-13 CVSS: NO CVSS Description: An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.3.16 on QTS 4.5.2; versions prior to 5.2.10 on QTS 4.3.6; versions prior to 5.1.14 on QTS 4.3.3; versions prior to 5.3.16 on QuTS hero h4.5.2; versions prior to 5.3.16 on QuTScloud c4.5.4.

CVE#: CVE-2021-22155 Published Date: 2021-05-13 CVSS: NO CVSS Description: An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted user’s account.

CVE#: CVE-2021-23135 Published Date: 2021-05-12 CVSS: NO CVSS Description: Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.

CVE#: CVE-2021-23134 Published Date: 2021-05-12 CVSS: NO CVSS Description: Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.2 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

CVE#: CVE-2020-28722 Published Date: 2021-05-12 CVSS: NO CVSS Description: Deskpro Cloud Platform and on-premise 2020.2.3.48207 from 2020-07-30 contains a cross-site scripting (XSS) vulnerability that can lead to an account takeover via custom email templates.

CVE#: CVE-2021-29511 Published Date: 2021-05-12 CVSS: NO CVSS Description: evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use `evm_core::Memory::copy_large`, the `evm` crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit `19ade85`. Users should upgrade to `==0.21.1, ==0.23.1, ==0.24.1, ==0.25.1, >=0.26.1`. There are no workarounds. Please upgrade your `evm` crate version.

CVE#: CVE-2020-19275 Published Date: 2021-05-12 CVSS: NO CVSS Description: An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.

CVE#: CVE-2020-18165 Published Date: 2021-05-12 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu".

CVE#: CVE-2021-30214 Published Date: 2021-05-12 CVSS: 2.7 Description: Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter.

CVE#: CVE-2021-30213 Published Date: 2021-05-12 CVSS: 2.7 Description: Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.

CVE#: CVE-2021-30212 Published Date: 2021-05-12 CVSS: 2.7 Description: Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in '/knowage/restful-services/documentnotes/saveNote' via the 'nota' parameter.

CVE#: CVE-2021-30211 Published Date: 2021-05-12 CVSS: 2.7 Description: Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in '/knowage/restful-services/signup/update' via the 'surname' parameter.

CVE#: CVE-2020-19274 Published Date: 2021-05-12 CVSS: NO CVSS Description: A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.

CVE#: CVE-2021-32611 Published Date: 2021-05-12 CVSS: NO CVSS Description: A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses.

CVE#: CVE-2021-32572 Published Date: 2021-05-12 CVSS: NO CVSS Description: Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. at the beginning, as demonstrated by reading the /etc/passwd file.

CVE#: CVE-2020-23790 Published Date: 2021-05-12 CVSS: NO CVSS Description: An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.

CVE#: CVE-2021-3457 Published Date: 2021-05-12 CVSS: NO CVSS Description: An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denial of service on the Foreman server. The highest threat from this vulnerability is to integrity and system availability.

CVE#: CVE-2021-32608 Published Date: 2021-05-12 CVSS: NO CVSS Description: An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/Boards/Partials/_ForumPost.cshtml does not call HtmlUtils.SanitizeHtml on certain text for a forum post.

CVE#: CVE-2021-32607 Published Date: 2021-05-12 CVSS: NO CVSS Description: An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message.

CVE#: CVE-2021-31519 Published Date: 2021-05-12 CVSS: NO CVSS Description: An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

CVE#: CVE-2021-28649 Published Date: 2021-05-12 CVSS: NO CVSS Description: An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

CVE#: CVE-2021-20202 Published Date: 2021-05-12 CVSS: NO CVSS Description: A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to the contents that keycloak stores in this directory. The highest threat from this vulnerability is to data confidentiality and integrity.

CVE#: CVE-2020-27840 Published Date: 2021-05-12 CVSS: NO CVSS Description: A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.

CVE#: CVE-2021-31341 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in Mendix Database Replication (All versions < V7.0.1). Uploading a table mapping using a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.

CVE#: CVE-2021-31339 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.

CVE#: CVE-2021-27398 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13290)

CVE#: CVE-2021-27397 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13287)

CVE#: CVE-2021-27396 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13279)

CVE#: CVE-2021-27386 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.

CVE#: CVE-2021-27385 Published Date: 2021-05-12 CVSS: NO CVSS Description: A remote attacker could send specially crafted packets to a SmartVNC device layout handler on the client side, which could influence the number of resources consumed and result in a denial-of-service condition (infinite loop) on the SIMATIC HMIs/WinCC Products SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F, SIMATIC WinCC Runtime Advanced (All versions prior to v16 Update 4).

CVE#: CVE-2021-27384 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.

CVE#: CVE-2021-27383 Published Date: 2021-05-12 CVSS: NO CVSS Description: SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a denial-of-service condition on the SIMATIC HMIs/WinCC Products SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F, SIMATIC WinCC Runtime Advanced (All versions prior to v16 Update 4).

CVE#: CVE-2021-25662 Published Date: 2021-05-12 CVSS: NO CVSS Description: SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a denial-of-service condition on the SIMATIC HMIs/WinCC Products SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F, SIMATIC WinCC Runtime Advanced (All versions prior to v16 Update 4).

CVE#: CVE-2021-25661 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.

CVE#: CVE-2021-25660 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

CVE#: CVE-2021-20277 Published Date: 2021-05-12 CVSS: NO CVSS Description: A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

CVE#: CVE-2020-28393 Published Date: 2021-05-12 CVSS: NO CVSS Description: An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4).

CVE#: CVE-2020-25242 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions). Specially crafted packets sent to TCP port 102 could cause a Denial-of-Service condition on the affected devices. A cold restart might be necessary in order to recover.

CVE#: CVE-2019-19276 Published Date: 2021-05-12 CVSS: NO CVSS Description: A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service.

CVE#: CVE-2020-13873 Published Date: 2021-05-12 CVSS: NO CVSS Description: A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)

CVE#: CVE-2020-35198 Published Date: 2021-05-12 CVSS: NO CVSS Description: An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

CVE#: CVE-2021-23892 Published Date: 2021-05-12 CVSS: NO CVSS Description: By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.

CVE#: CVE-2021-23891 Published Date: 2021-05-12 CVSS: NO CVSS Description: Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.

CVE#: CVE-2021-23872 Published Date: 2021-05-12 CVSS: NO CVSS Description: Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.

CVE#: CVE-2020-36289 Published Date: 2021-05-12 CVSS: NO CVSS Description: Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.

----#MALWARE----

hostinfonet: RT @bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of 2020, 75%…

cybersec_feeds: RT @MikkelsenDean: #Aviation - #Cybersecurity - New RATs & #Phishing attempts are going after this sector @Microsoft reports. The #malware…

jobinindia: RT @IoTNow_: #SonicWall capture ATP aces latest ICSA Lab test, finds more #malware https://t.co/mYyVRH84Qw #cybersecurity #IoT Link with Tweet

hostinfonet: RT @PhishStats: https://t.co/MAuIXRvYiq detected 31 new websites hosting #phishing | new today: 210 | #infosec #cybersecurity #malware http… Link with Tweet

sam11_pearl: RT @ingliguori: #infographic: 20 ways to build #security fortress from anywhere Via @ingliguori #DigitalTransformation #infosec #cyberattac…

botcybersec: RT @bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of 2020, 75%…

beefyspace: RT @incognito_app: Microsoft has issued a warning to watch out for a new #malware that steals passwords, webcam and browser data. https://t…

bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of… https://t.co/pJgM2x8R0z Link with Tweet

hostinfonet: RT @CSA2LLC: A Fake MSI Website Is Being Used to Spread Malware #MaliciousWebsite #Malware #FraudulentWebsite #WebBrowser #Cybersecurity h…

cybersec_feeds: RT @attacksolutions: Behind Every Successful Cyber Attack There Is A Human https://t.co/jUv2U322qd #Cyberattack #Cybersecurity #Cybercrime… Link with Tweet

botcybersec: RT @CSA2LLC: A Fake MSI Website Is Being Used to Spread Malware #MaliciousWebsite #Malware #FraudulentWebsite #WebBrowser #Cybersecurity h…

botcybersec: RT @jamamark3: #infographic: 20 ways to build #security fortress from anywhere Via @ingliguori #DigitalTransformation #infosec #cyberattack…

cybersec_feeds: RT @incognito_app: Microsoft has issued a warning to watch out for a new #malware that steals passwords, webcam and browser data. https://t…

CSA2LLC: A Fake MSI Website Is Being Used to Spread Malware #MaliciousWebsite #Malware #FraudulentWebsite #WebBrowser… https://t.co/bzh6etZjY9 Link with Tweet

bamitav: Hackers Using #Microsoft Build Engine to Deliver #Malware Filelessly https://t.co/KQqxDMC56B via @TheHackersNews… https://t.co/uOkiCoYghw Link with Tweet Link with Tweet

----#PHISHING----

hostinfonet: RT @bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of 2020, 75%…

hostinfonet: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

cybersec_feeds: RT @MikkelsenDean: #Aviation - #Cybersecurity - New RATs & #Phishing attempts are going after this sector @Microsoft reports. The #malware…

hostinfonet: RT @PhishStats: https://t.co/MAuIXRvYiq detected 31 new websites hosting #phishing | new today: 210 | #infosec #cybersecurity #malware http… Link with Tweet

hostinfonet: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

botcybersec: RT @bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of 2020, 75%…

JEMPradio: Phish - Maze (1-2-16) #Phish #CommunityRadio https://t.co/LPFrNPSY15 Link with Tweet

gdprAI: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec… https://t.co/8bLInm15mL Link with Tweet

bkreeger: Why Only Watchguard? It‘s the era of securing web traffic through encryption. A study estimates that by the end of… https://t.co/pJgM2x8R0z Link with Tweet

beefyspace: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

ecarlesi: Threat on hxxp://bblesfeedback[.]com/failed/mazon/ #phishing #opendir #amazon #namesilo

botcybersec: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

JEMPradio: Widespread Panic - Can't Get High (Live) #Phish #CommunityRadio https://t.co/LPFrNPSY15 Link with Tweet

kristian_C2: RT @NcsVentures: Royal Mail scam text: how to spot fake redelivery and dispatch fee messages – and what to do if you receive one | #phishin…

----#OSINT----

Ginger__T: I have added 6 awesome #OSINT practitioners to my website with links to their resources and guides on OSINT, and al… https://t.co/GiK8EvcnRn Link with Tweet

Cebren6: RT @madame_https: Interested in GEOINT quizzes walkthroughs ? 👀 I wrote an article showing the steps that I took to solve a @quiztime quiz…

RedPacketSec: The expert said that WhatsApp transfer users correspondence to Facebook - https://t.co/3MnvQ6qT37 #OSINT #Security… https://t.co/lQkvM3ah0M Link with Tweet Link with Tweet

RedPacketSec: GasBuddy Jumps to No. 1 on Apple Store After Colonial Pipeline Shutdown - https://t.co/T4HtNa6ZbG #OSINT #Security… https://t.co/W27LYqkRw7 Link with Tweet Link with Tweet

RedPacketSec: Apple's Find My Network: Can be Abused to Leak Secrets Via Passing Devices - https://t.co/m4mq8GQeVS #OSINT… https://t.co/0jUMezXFNw Link with Tweet Link with Tweet

RedPacketSec: FBI – CISA Published a Joint Advisory as Colonial Pipeline Suffers a Catastrophic Ransomware Attack -… https://t.co/D8eqvRiT4o Link with Tweet

RedPacketSec: RevengeRAT is Targeting the Aerospace and Travel Sectors with Spear-Phishing Emails - https://t.co/70r1mxhIbi… https://t.co/PwArOkmNdx Link with Tweet Link with Tweet

Search_Links: RT @sprp77: Find search engines #OSINT #SEO https://t.co/5zlXSkW96T https://t.co/xkctXqPDJP https://t.co/a3i8lalIGI https://t.co/xFE7tatf31… Link with Tweet Link with Tweet Link with Tweet Link with Tweet

osint_news: From ⁦@OsintCurious⁩ : Searching with Shodan https://t.co/vWx1qpYHI9 #OSINT Link with Tweet

OsintQuest: RT @WHInspector: [#DailyOSINT -Day#111] Discover and translate text found in images by using optical character recognition (OCR) tools such…

StearmanWarren: RT @harshbothra_: #Learn365 Day - 133: GitDorker Talk Talk by @obheda12 : https://t.co/dcUXUpU551 GitDorker: https://t.co/XWScLaagzg #… Link with Tweet Link with Tweet

acn128: RT @navlys_: [THREAD] #Hacking & #OSINT are not just about skills, it's also a mindset! Here's a brief list of documentaries/movies/series…

cybsecbot: RT @hostinfonet: 🔍#wordpress #honeypot Hit: 54.250.87.247 JP - https://t.co/2XQ7zY9XG6, Inc. 🗒️Abuse Report: https://t.co/elXNfVuiCX #i… Link with Tweet Link with Tweet

cybersec_feeds: RT @threatshub: ThreatsHub Cybersecurity News | Cloudflare launches campaign to ‘end the madness’ of CAPTCHAs - https://t.co/97MGnDy3L8 #Cy… Link with Tweet

----#THREATINTEL----

hostinfonet: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

gdprAI: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec… https://t.co/8bLInm15mL Link with Tweet

RedPacketSec: The expert said that WhatsApp transfer users correspondence to Facebook - https://t.co/3MnvQ6qT37 #OSINT #Security… https://t.co/lQkvM3ah0M Link with Tweet Link with Tweet

RedPacketSec: GasBuddy Jumps to No. 1 on Apple Store After Colonial Pipeline Shutdown - https://t.co/T4HtNa6ZbG #OSINT #Security… https://t.co/W27LYqkRw7 Link with Tweet Link with Tweet

RedPacketSec: Apple's Find My Network: Can be Abused to Leak Secrets Via Passing Devices - https://t.co/m4mq8GQeVS #OSINT… https://t.co/0jUMezXFNw Link with Tweet Link with Tweet

RedPacketSec: FBI – CISA Published a Joint Advisory as Colonial Pipeline Suffers a Catastrophic Ransomware Attack -… https://t.co/D8eqvRiT4o Link with Tweet

RedPacketSec: RevengeRAT is Targeting the Aerospace and Travel Sectors with Spear-Phishing Emails - https://t.co/70r1mxhIbi… https://t.co/PwArOkmNdx Link with Tweet Link with Tweet

RealSalesAdvice: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

cybsecbot: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

SecurityXTV: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

sectest9: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

CyberSecurityN8: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

botcybersec: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

cephalopodluke2: RT @RRaoPV: Do you have any doubts/questions in Product/App Security? Reachout to me #ThreatModeling #SAST #SCA #DAST #PT #ThreatIntel #Sta…

----#RANSOMWARE----

Bansiog1: RT @StevieCahill: Honestly don't know how the bastards got in to every one of these bad boys. Takes me a half hour every morning to get int…

sam11_pearl: RT @ingliguori: #infographic: 20 ways to build #security fortress from anywhere Via @ingliguori #DigitalTransformation #infosec #cyberattac…

BotFemale: RT @rneelmani: #Linux and #opensource communities rise to ⁦@JoeBiden⁩ #cybersecurity challenge. Amidst #ransomware and #supplychain attacks…

hostinfonet: RT @rneelmani: #Linux and #opensource communities rise to ⁦@JoeBiden⁩ #cybersecurity challenge. Amidst #ransomware and #supplychain attacks…

mirko_ross: 🙄 High profit week for #darkside #Ransomware attackers: - USD 5 Mio. via #ColonialPipeline - USD 4.4 Mio via… https://t.co/Bdn22WPZya Link with Tweet

hostinfonet: RT @Strata_Sec: UK Public Sector >> No more excuses for #cybersecurity failures in councils Great piece with our CEO Chris Burtenshaw and…

FrankSiedler: RT @ClyneKaren: Learn more about #DarkSide #ransomware and how the BlackBerry Threat Research team was able to successfully prevent this ra…

cybersec_feeds: RT @attacksolutions: Behind Every Successful Cyber Attack There Is A Human https://t.co/jUv2U322qd #Cyberattack #Cybersecurity #Cybercrime… Link with Tweet

botcybersec: RT @Strata_Sec: UK Public Sector >> No more excuses for #cybersecurity failures in councils Great piece with our CEO Chris Burtenshaw and…

botcybersec: RT @jamamark3: #infographic: 20 ways to build #security fortress from anywhere Via @ingliguori #DigitalTransformation #infosec #cyberattack…

CollaBrius: RT @QAValley: Preventing Internal Cyberattacks Could Save Companies Millions https://t.co/8WQSB29a1D #Cyberattack #Cybercriminal #CyberSec… Link with Tweet

Corix_JC: RT @Strata_Sec: UK Public Sector >> No more excuses for #cybersecurity failures in councils Great piece with our CEO Chris Burtenshaw and…

Strata_Sec: UK Public Sector >> No more excuses for #cybersecurity failures in councils Great piece with our CEO Chris Burtens… https://t.co/ySJxQD2Lw1 Link with Tweet

cybersec_feeds: RT @QAValley: Preventing Internal Cyberattacks Could Save Companies Millions https://t.co/8WQSB29a1D #Cyberattack #Cybercriminal #CyberSec… Link with Tweet

defcon661: RT @InfosecurityMag: Ireland’s healthcare system is being subjected to a #ransomware attack, which has led to its taking its IT systems off…

-----#OPENDIR----

ecarlesi: Threat on hxxp://bblesfeedback[.]com/failed/mazon/ #phishing #opendir #amazon #namesilo

ecarlesi: Threat on hxxp://bblesfeedback[.]com/failed/amaz[.]zip #phishing #opendir

ecarlesi: Threat on hxxps://amastepbysteprim[.]live/mwqa/7add2/ #phishing #opendir #amazon #tucows

ecarlesi: Threat on hxxps://amastepbysteprim[.]live/mwqa/ #phishing #opendir #amazon #tucows

ecarlesi: Possible threat on hxxp://shop56[.]xyz #opendir

ecarlesi: Threat on hxxps://amastepbysteprim[.]live/mwqa/ddf87/ #phishing #opendir #amazon #tucows

ecarlesi: Possible threat on hxxps://likeehr[.]online #opendir #godaddy

ecarlesi: Possible threat on hxxp://siap4d[.]life #opendir

ecarlesi: Possible threat on hxxps://1ikeshop24[.]biz #opendir

ecarlesi: Possible threat on hxxps://surat4d[.]xyz #opendir #godaddy

ecarlesi: Possible threat on hxxps://mbo128[.]org #opendir

botcybersec: RT @ecarlesi: Threat on hxxp://downloadapp[.]buzz/light[.]apk #opendir #malware

ecarlesi: Threat on hxxp://downloadapp[.]buzz/light[.]apk #opendir #malware

ecarlesi: Possible threat on hxxps://healpakistan[.]org/healpakistan[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxps://keny2[.]biz #opendir

-----#MALSPAM----

YourAnonRiots: RT @reecdeep: #AveMaria #Malware #Rat warzone160 from #Malspam "New Orders" MD5: 2D6777D42FC6F72939F1601A5D3658EB 🔥c2:104.209.[133.4 #in…

panda_zheng: RT @reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLib…

th3c0rt3x: RT @luc4m: #opendir #malspam DHL .. still using equation editor exploit CVE-2017-11882 ! 😅 MB:a9c7ea924ea0c6af707d98184f710331 @malwrhunt…

Lous666: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

alexfrancow_sec: RT @luc4m: #opendir #malspam DHL .. still using equation editor exploit CVE-2017-11882 ! 😅 MB:a9c7ea924ea0c6af707d98184f710331 @malwrhunt…

luc4m: #opendir #malspam DHL .. still using equation editor exploit CVE-2017-11882 ! 😅 MB:a9c7ea924ea0c6af707d98184f71033… https://t.co/fybSfyWP4G Link with Tweet

luigi_martire94: RT @reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLib…

YourAnonRiots: RT @reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLib…

CyberSandb0x: RT @reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLib…

Optimas7527661: RT @reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFrameworkClassLib…

reecdeep: #Malspam targeting #Italy 🇮🇹 spreads #AsyncRat #Malware "Nuovo ordine per P/O" hxxp://cybercrypter.com/XNAFramewo… https://t.co/UT2444NtcJ Link with Tweet

gutterchurl: RT @MBThreatIntel: #SnakeKeylogger via CVE-2017-11882 #malspam ➡️ Example maldoc: 79cc8c0593b05956f1d23ac078fcffca ➡️ Download URL: http:…

Ledtech3: RT @whitehoodie4: #snakekeylogger #trojan hosted @discord via #malspam impersonating @AlibabaGroup https://t.co/oY3jaKfbLN https://t.co/a6… Link with Tweet

0x10111011: RT @whitehoodie4: #snakekeylogger #trojan hosted @discord via #malspam impersonating @AlibabaGroup https://t.co/oY3jaKfbLN https://t.co/a6… Link with Tweet

wartapotan: RT @MBThreatIntel: #SnakeKeylogger via CVE-2017-11882 #malspam ➡️ Example maldoc: 79cc8c0593b05956f1d23ac078fcffca ➡️ Download URL: http:…

----#EMOTET----

RandiM20: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

NtlanganisoG: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

Nickstooblessed: RT @CyberNews: The Emotet banking trojan has been active at least since 2014, and was named the world’s most dangerous #malware. Read how t…

sectest9: RT @bschorr: Data From The #Emotet #Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU https://t.co/EemsrGMqnx <… Link with Tweet

CyberSecurityN8: RT @bschorr: Data From The #Emotet #Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU https://t.co/EemsrGMqnx <… Link with Tweet

botcybersec: RT @bschorr: Data From The #Emotet #Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU https://t.co/EemsrGMqnx <… Link with Tweet

CybazeSocial: RT @bschorr: Data From The #Emotet #Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU https://t.co/EemsrGMqnx <… Link with Tweet

macklamm: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

bschorr: Data From The #Emotet #Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU… https://t.co/Ryd7zk5nK4 Link with Tweet

botcybersec: RT @Somerford_Ltd: Whilst #EMOTET was a Trojan when first seen in 2014, it has recently re-emerged as a more complex malware. Our technol…

Somerford_Ltd: Whilst #EMOTET was a Trojan when first seen in 2014, it has recently re-emerged as a more complex malware. Our te… https://t.co/EvmIyydGk1 Link with Tweet

stevano_b: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

reggaecrisp1: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

PaintressApril: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

sondrapero: RT @mazzenilsson: Based on Western media hearsay, Wikipedia and other had falsely attributed #Emotet to Russian actors. The real people beh…

-----#BUGBOUNTY----

Vivekchanchal98: RT @0dayCTF: Awesome Bug Bounty One Liners - Repo: https://t.co/NapJ5fmWeU - Credit: @TomNomNom for the example in the screenshot ♥ - #bugb… Link with Tweet

hostinfonet: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

beefyspace: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

botcybersec: RT @viehgroup: Congratulations to @Ahmad_Halabi_ for his Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year https://t…

gowtham006006: RT @disclosedh1: GitLab disclosed a bug submitted by @wcbowling: https://t.co/mNsIiNhG8u - Bounty: $20,000 #hackerone #bugbounty https://t.… Link with Tweet

sectest9: RT @naglinagli: Mass Assignment exploitation in the wild - Escalating privileges in style A blog post about a Mass Assignment vulnerabilit…

CyberSecurityN8: RT @naglinagli: Mass Assignment exploitation in the wild - Escalating privileges in style A blog post about a Mass Assignment vulnerabilit…

davidvalles007: RT @naglinagli: Mass Assignment exploitation in the wild - Escalating privileges in style A blog post about a Mass Assignment vulnerabilit…

MikhailJennings: RT @disclosedh1: GitLab disclosed a bug submitted by @wcbowling: https://t.co/AT5tpl2rqG - Bounty: $20,000 #hackerone #bugbounty https://t.… Link with Tweet

ThePixelSword: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

cameliaclement: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

DjangoBot_: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

xaelbot: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

100DaysOf2020: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

iPythonistaBot: RT @programmerjoke9: Cry Now 😭 https://t.co/h06rE2TuIi #100Daysofcode #javascript #programming #dev #linux #java #programming #CodeNewbie #… Link with Tweet

----#CYBERCRIME----

hostinfonet: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

hostinfonet: RT @cyber__w0rld: R u #victim of #cyberfraud by a #fake #email then #read the #article on how to track #real #location of fake e-mail ID ht…

hostinfonet: RT @EndNowCyber: Use Social Media Sensibly – Don’t Like, Comment, Forward, or Share – That Creates Panic, Hatred, and Violence. #fakenews…

hostinfonet: RT @PayalRaghuvans3: Limitations & Advantages of Machine Learning & AI in Antivirus Software https://t.co/IwPOLdSdeE #datacleaning #dataw… Link with Tweet

hostinfonet: RT @PayalRaghuvans3: Antivirus Software Protects Files at the Cost of Your Privacy https://t.co/nbzOMhAwe9 #datacleaning #datawiping #dat… Link with Tweet

gdprAI: RT @JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec #Security…

JinibaBD: DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security #DarkWeb #CyberSec #infosec… https://t.co/8bLInm15mL Link with Tweet

carophillips1: RT @Ascension_GT: The Colonial Pipeline attack thrust the DarkSide ransomware into the spotlight. This is what's known about the threat act…

gdprAI: RT @PayalRaghuvans3: Limitations & Advantages of Machine Learning & AI in Antivirus Software https://t.co/IwPOLdSdeE #datacleaning #dataw… Link with Tweet

cybersec_feeds: RT @attacksolutions: Behind Every Successful Cyber Attack There Is A Human https://t.co/jUv2U322qd #Cyberattack #Cybersecurity #Cybercrime… Link with Tweet

gdprAI: RT @PayalRaghuvans3: Antivirus Software Protects Files at the Cost of Your Privacy https://t.co/nbzOMhAwe9 #datacleaning #datawiping #dat… Link with Tweet

botcybersec: RT @PayalRaghuvans3: Antivirus Software Protects Files at the Cost of Your Privacy https://t.co/nbzOMhAwe9 #datacleaning #datawiping #dat… Link with Tweet

bamitav: Hackers Using #Microsoft Build Engine to Deliver #Malware Filelessly https://t.co/KQqxDMC56B via @TheHackersNews… https://t.co/uOkiCoYghw Link with Tweet Link with Tweet

sectest9: RT @PayalRaghuvans3: Antivirus Software Protects Files at the Cost of Your Privacy https://t.co/nbzOMhAwe9 #datacleaning #datawiping #dat… Link with Tweet

CyberSecurityN8: RT @PayalRaghuvans3: Antivirus Software Protects Files at the Cost of Your Privacy https://t.co/nbzOMhAwe9 #datacleaning #datawiping #dat… Link with Tweet

----Hacking Updates----

aigars-github updated blacklist. This repo has 0 stars and 1 watchers. This repo was created on 2020-10-24. --- IP's from which scanning, spaming or hacking attempts detected

ExRr4R updated Hacking. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- Fb-Hack

jajinkya updated Data-Hack-s-JOB-A-THON. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-14. --- Hackathon conducted by Data Hack.

ExRr4R updated Err4R. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- Hacking

spectertraww updated PwnLnX. This repo has 76 stars and 4 watchers. This repo was created on 2021-02-23. --- An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.

a-marionette updated Auto-Highlighter. This repo has 2 stars and 2 watchers. This repo was created on 2021-05-09. --- A Burp Suite extension to track automated and manual analysis of all unique requests

Manikanta-Bhuvanesh updated Ethical-hacking. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- None

JamesAzoba updated zooba-hack-ios-cheats-free-gems. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- Zooba Hack iOS free gems Cheats 2021 that work no verification

RfidResearchGroup updated proxmark3. This repo has 1024 stars and 71 watchers. This repo was created on 2018-08-12. --- RRG / Iceman repo, the most totally wicked repo around if you are into Proxmark3 and RFID hacking

makuga01 updated dnsFookup. This repo has 164 stars and 4 watchers. This repo was created on 2019-09-16. --- DNS rebinding toolkit

ecajagi updated Projects. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-11. --- Here I practice what I've learned. What the hack, it works!

ZQiu233 updated QTRHacker. This repo has 38 stars and 5 watchers. This repo was created on 2018-07-21. --- A powerful memory hack for Terraria

jeffjadulco updated hn. This repo has 33 stars and 2 watchers. This repo was created on 2021-01-10. --- :computer: A personal Hacker News reader using Next.js

PLUS-POSTECH updated study.plus.or.kr. This repo has 4 stars and 5 watchers. This repo was created on 2017-06-18. --- Study hard to become a good hacker

yashrajkakkad updated drf-workshop-starter. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-14. --- Starter code for the workshop "Build a Django REST API in minutes" @ Hack The Mountains

michaljaz updated wifi-hack. This repo has 2 stars and 1 watchers. This repo was created on 2021-05-12. --- Wifi hacking panel written in python

Andrispowq updated HackOS. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-27. --- This is a hobby operating system I'm currently developing. I have big hopes that it will eventually turn out to some kind of hacking toolset, but of course that is just the plan, and may turn out completely differently.

niggurathh updated writeup. This repo has 3 stars and 1 watchers. This repo was created on 2021-02-25. --- Repositorio dedicado para creación de reportes de diferentes plataformas del tipo CTF.

VictorVG updated ph. This repo has 15 stars and 6 watchers. This repo was created on 2018-03-12. --- My personal build Process Hacker included Plugins-Extra

ZSShen updated Hacking-Tech-Interview. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-18. --- My notes to prepare for FAANG tech interviews that cover coding and system design rounds.

Sumit-k25 updated Web-Application-project-Ethical-Hacking-Internshala-. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- This project is about finding vulnerability in a website which contains SQLi,IDOR , XSS(reflected and stored) , CSRF , arbitrary file upload , CMS, Bruteforce , PII, directory listings, etc. with mannual and automated testing tools.

cheeaun updated hackerweb. This repo has 1157 stars and 36 watchers. This repo was created on 2011-10-16. --- A simply readable Hacker News web app

SlyJose updated Hacking-Notes. This repo has 1 stars and 1 watchers. This repo was created on 2020-06-08. --- I pilled up all my hacking notes (always growing) from different training platforms I go through

k2052 updated vanilla-hn. This repo has 35 stars and 1 watchers. This repo was created on 2017-08-04. --- A Hacker News Reader in Vanilla JavaScript

MisterY52 updated apex_dma_kvm_pub. This repo has 61 stars and 6 watchers. This repo was created on 2020-09-11. --- Apex Legends QEMU/KVM hack

----Security Updates----

jak010 updated cyberNote. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-24. --- Page for CTF, Pentesting, about Security ETC

s4u updated pgp-keys-map. This repo has 3 stars and 5 watchers. This repo was created on 2019-12-07. --- PGP keys map to maven artifacts

ShadowWhisperer updated IPs. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-13. --- IP Block Lists

JavaGarcia updated Neanet. This repo has 5 stars and 1 watchers. This repo was created on 2020-08-02. --- Threat intelligence

nivi532 updated Cyber-security-awareness. This repo has 0 stars and 2 watchers. This repo was created on 2021-05-15. --- Team Access Denied - Participants: 1.Niveditha Balakrishnan 2.Ramyaa Prasath 3.Sowmya Jayavel, 4.Sudarsan Kumar, 5.Sudharsan G V

ozkanonur updated nestjs-rate-limiter. This repo has 116 stars and 3 watchers. This repo was created on 2019-06-21. --- Configurable rate limiter library built for NestJS

rheehot updated fastcampus_securitycode_dropdown_study. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- None

ViBiOh updated viws. This repo has 16 stars and 1 watchers. This repo was created on 2016-04-07. --- A tiny (5.46Mb light standalone binary) static web server with customizable behavior, secure and monitored by default.

opencve updated opencve. This repo has 750 stars and 23 watchers. This repo was created on 2020-09-24. --- CVE Alerting Platform

PacktPublishing updated Implementing-Microsoft-Azure-Security-Technologies. This repo has 0 stars and 4 watchers. This repo was created on 2020-11-19. --- Implementing Microsoft Azure Security Technologies, published by Packt

wKovacs64 updated hibp. This repo has 82 stars and 3 watchers. This repo was created on 2016-04-08. --- A Promise-based client for the 'Have I been pwned?' service.

virenukey updated securitytools. This repo has 2 stars and 1 watchers. This repo was created on 2021-04-28. --- Tools created under this repo are general-purpose tools for cyber-security beginners to check the prototype and flow of any enterprise-level software and implementation, providing the same

s4u updated pgpverify-maven-plugin. This repo has 28 stars and 7 watchers. This repo was created on 2014-03-28. --- Verify PGP signatures plugin

ichsanul19 updated security-on-github. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- None

sushant08 updated security. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- None

Daniel-InseongJang updated spring-boot-security. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- None

subashpahari updated Security-and-Authentication-in-node-js. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- Different levels of security and authentication in node js backend

akornatskyy updated wheezy.security. This repo has 0 stars and 1 watchers. This repo was created on 2020-06-25. --- A lightweight security/cryptography library

sfomuseum-data updated sfomuseum-data-checkpoints-2021. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-04. --- Security checkpoint data at SFO (2021)

Huangdx0824 updated spring-security-oauth2-demo. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-12. --- Oauth2

harlanc updated xiu. This repo has 72 stars and 2 watchers. This repo was created on 2020-08-16. --- A secure live server(rtmp/httpflv/hls)

accurics updated terrascan. This repo has 1666 stars and 55 watchers. This repo was created on 2017-09-11. --- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

hanry19 updated SpringSecurity. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-05. --- Spring Security를 활용한 게시판 구현

EhsanYar1991 updated uaa. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-10. --- Springboot, LDAP, Security

damienbod updated AspNetCoreHybridFlowWithApi. This repo has 130 stars and 14 watchers. This repo was created on 2018-01-30. --- ASP.NET Core MVC application using API, OpenID Connect Hybrid flow , second API, Code Flow with PKCE

----PoC Updates----

SpaceKatt updated cpp-cli-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-15. --- Proof of concept for creating a command-line interface in C++.

AvansProftaak updated BoerNaarBurgerPoc. This repo has 0 stars and 0 watchers. This repo was created on 2021-03-10. --- Boer naar Burger Proof of Concept Proftaak databases

ziggymoens updated Bachelorproef_Ziggy_Moens_KMM. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-26. --- Kotlin Multiplatform Mobile als alternatief voor native applicaties: een vergelijkende studie en proof-of-concept

stoe updated ghec-backup. This repo has 2 stars and 1 watchers. This repo was created on 2020-04-23. --- proof of concept

MarxMustermann updated OfMiceAndMechs. This repo has 10 stars and 3 watchers. This repo was created on 2017-09-04. --- a proof of concept for a game

acavet updated haskell-blockchain. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-09. --- Simple proof-of-concept blockchain in Haskell

slightlyskepticalpotat updated snakewhisper. This repo has 1 stars and 1 watchers. This repo was created on 2021-05-15. --- A proof of concept of an end-to-end encrypted peer-to-peer chat program written with Python.

BrianHCombes updated ZZ-AngularJS-Misc-Side-Test. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-11. --- Side tests for proof of concept and development environment for new approaches, testing and verification of code.

nixx78 updated poc. This repo has 0 stars and 1 watchers. This repo was created on 2014-01-29. --- Proof Of Concept projects for different technologies

awebre updated selu-acm. This repo has 1 stars and 1 watchers. This repo was created on 2020-11-21. --- A NextJs/Mongo app meant to be used by Officers and Members of SELU's ACM. THIS IS A PROOF OF CONCEPT AND NOT OFFICIALLY SANCTIONED BY THE ACM.

Vurv78 updated SFHaxe. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-01. --- Proof of concept Haxe Library for the lua target that adds StarfallEx bindings autogenerated from a script written in itself.

fabnicol updated RMercury. This repo has 1 stars and 1 watchers. This repo was created on 2021-01-21. --- A proof of concept for library connecting Mercury to R

FestiveAkp updated splashpoll.app. This repo has 0 stars and 1 watchers. This repo was created on 2020-11-11. --- Poll web app proof of concept

bit101 updated minimalcomps2. This repo has 13 stars and 1 watchers. This repo was created on 2021-05-09. --- A Web UI toolkit for creating rapid prototypes, experiments and proof of concept projects.

benji011 updated kafka-twitter-app-consumer. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-13. --- A WIP proof of concept app that uses ElasticSearch as the consumer to get tweets as messages from the producer to then eventually be added onto an ES cluster.

ainyava updated CSGOHacks. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-21. --- Proof of Concept that cheats are very common in CSGO and Valve needs to do something about it :/

huntertran updated pattern-abiding-api. This repo has 3 stars and 1 watchers. This repo was created on 2021-04-02. --- A proof of concept to prove the API design best practices

nanoframework updated Samples. This repo has 127 stars and 20 watchers. This repo was created on 2017-09-15. --- 🍬 Code samples from the nanoFramework team used in testing, proof of concepts and other explorational endeavours

Machillo updated ProofOfConcept. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-15. --- None

bruxo00 updated RansomFlow. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-14. --- Educational proof of concept C# ransomware

vinorodrigues updated bootstrap-dark-5. This repo has 34 stars and 5 watchers. This repo was created on 2021-01-16. --- The Ancillary Guide to Dark Mode and Bootstrap 5 - A continuation of the v4 Dark Mode POC

Satellite-im updated Satellite-Absolute. This repo has 1 stars and 1 watchers. This repo was created on 2021-04-28. --- This is a long lived repository which right now is non-functional. The intent is that this repository will take the best practices from the Proof of Concept release and cleanly execute. This repo will eventually represent the 1.0 release of Satellite.im

mavriciomart updated kazoo-js-sdk. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-19. --- Proof of concept for a Kazoo javascript SDK

codecreative updated newsminder. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-22. --- Proof of concept Puppeteer and Actions

Systems-Modeling updated SysML-v2-Pilot-Implementation. This repo has 29 stars and 14 watchers. This repo was created on 2018-01-09. --- Proof-of-concept pilot implementation of the SysML v2 textual notation and visualization