{"vulnerability": "CVE-2023-2567", "sightings": [{"uuid": "3e9230e9-c5ca-42fc-a8a5-061588503ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2567", "type": "seen", "source": "https://t.me/cibsecurity/70702", "content": "\u203c CVE-2023-2567 \u203c\n\nA SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-19T14:29:14.000000Z"}, {"uuid": "7bc4e729-27cf-492c-a863-f85e6d0b4bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25674", "type": "seen", "source": "https://t.me/cibsecurity/60735", "content": "\u203c CVE-2023-25674 \u203c\n\nTensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:38:10.000000Z"}, {"uuid": "2d843662-4761-4393-b668-1532aa734bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25671", "type": "seen", "source": "https://t.me/cibsecurity/60734", "content": "\u203c CVE-2023-25671 \u203c\n\nTensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:38:09.000000Z"}, {"uuid": "1c358139-487e-41b8-a487-7449a39e38f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25676", "type": "seen", "source": "https://t.me/cibsecurity/60738", "content": "\u203c CVE-2023-25676 \u203c\n\nTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:38:13.000000Z"}, {"uuid": "2e393113-3210-46b1-a513-bacbf09f9e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25672", "type": "seen", "source": "https://t.me/cibsecurity/60732", "content": "\u203c CVE-2023-25672 \u203c\n\nTensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:38:07.000000Z"}, {"uuid": "07180848-00ee-4018-a092-6b7500a412db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25670", "type": "seen", "source": "https://t.me/cibsecurity/60727", "content": "\u203c CVE-2023-25670 \u203c\n\nTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:38:01.000000Z"}, {"uuid": "1dab71ae-6786-4a79-b908-2cfc720cb355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25673", "type": "seen", "source": "https://t.me/cibsecurity/60724", "content": "\u203c CVE-2023-25673 \u203c\n\nTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:37:56.000000Z"}, {"uuid": "7776be75-71c2-437a-80e7-45b7a5712b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25675", "type": "seen", "source": "https://t.me/cibsecurity/60720", "content": "\u203c CVE-2023-25675 \u203c\n\nTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-25T06:37:52.000000Z"}]}