Bir süredir yoğun olarak girişimcilik üzerine mesai harcıyorum, tecrübeli kişilerle sohbet ediyor, yeni girişimleri gözlemliyorum. Yeni girişimler de ortak bir payda buldum, ortak payda faliyete geçme tarihi beklenenden hep daha geç olduğu… Bu konuda bir şeyler karalamak, arkamızdan gelen gençlere fikir vermek, ileri de geriye dönüp anı tazelemek için bu yazıyı yazıyorum. İlk işe girişler de sürekli …
- CVE-2022-31259The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1).
- CVE-2022-1752Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
- CVE-2022-29222Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided […]
- CVE-2022-29189Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory […]
- CVE-2022-29190Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
- CVE-2022-29209TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have an incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, […]
- CVE-2022-29210TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to […]
- CVE-2022-29211TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contain `Not a Number` (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an […]
- CVE-2022-29212TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming […]
- CVE-2022-29213TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain condition can result in crashes (due to `CHECK`-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
Sorry, no Tweets were found.
- Nessus Truncated Packets Uyarısı
- Nessus Tarama Sorunu (Network Congestions, Truncated)
- Ubuntu Resolv.conf Dosyasının Reboot Sonrası Değişmesi Sorunu
- NMAP Tarama Sonucunda HTML Rapor Oluşturmak
- Kali İşletim Sistemine Komut Satırından Proxy Ekleme
- USOM Duyuru Faaliyetleri: Güvenlik Açıklıkları
- E-Ticarette Güven Damgası Dönemi ve Sızma Testi
- TestHive – Penetration Testing Talks
- Sızma Testi Bulguları İçin Reçete
- Kayhan Kayıhan – IETT siber saldırı röportajı