Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another...
8.6CVSS
8.6AI Score
0.002EPSS
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow...
8.6CVSS
7.5AI Score
0.002EPSS
Potential DOS in Contracts Inheriting UUPSUpgradeable.sol
Handle leastwood Vulnerability details Impact There are a number of contracts which inherit UUPSUpgradeable.sol, namely; GovernanceAction.sol, PauseRouter.sol and NoteERC20.sol. All these contracts are deployed using a proxy pattern whereby the implementation contract is used by the proxy contract....
7.3AI Score
Large Validator Sets/Rapid Validator Set Updates May Freeze the Bridge or Relayers
Handle nascent Vulnerability details In a similar vein to "Freeze The Bridge Via Large ERC20 Names/Symbols/Denoms", a sufficiently large validator set or sufficiently rapid validator update could cause both the eth_oracle_main_loop and relayer_main_loop to fall into a state of perpetual errors. In....
6.7AI Score
Inadequate Encryption Strength in showdoc
showdoc makes use of a hardcoded salt in its user password hash...
4.9CVSS
1.6AI Score
0.001EPSS
Inadequate Encryption Strength in showdoc
showdoc makes use of a hardcoded salt in its user password hash...
4.9CVSS
5.5AI Score
0.001EPSS
Ruby on Rails: Content Security Policy is only active for HTML responses but not for image/svg+xml
Setup plain Rails application with a simple route and controller Configure a Content Security Policy (CSP) for downloading/preview endpoints with default-src 'none' (via https://edgeguides.rubyonrails.org/security.html#content-security-policy) Send a malicious SVG* file (e.g. attached example)...
6.1CVSS
7.6AI Score
0.005EPSS
Integer division by 0 in sparse reshaping
Impact The implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception: python import tensorflow as tf tf.raw_ops.SparseReshape( input_indices = np.ones((1,3)), input_shape = np.array([1,1,0]), new_shape = np.array([1,0])) The implementation...
5.5CVSS
3.5AI Score
0.0004EPSS
Integer division by 0 in sparse reshaping
Impact The implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception: python import tensorflow as tf tf.raw_ops.SparseReshape( input_indices = np.ones((1,3)), input_shape = np.array([1,1,0]), new_shape = np.array([1,0])) The implementation...
5.5CVSS
6.1AI Score
0.0004EPSS
Crash caused by integer conversion to unsigned
Impact An attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments: ```python import tensorflow as tf from tensorflow.python.ops import gen_boosted_trees_ops import numpy as np v= tf.Variable([0.0, 0.0, 0.0, 0.0, 0.0])...
5.5CVSS
5.8AI Score
0.0004EPSS
Crash caused by integer conversion to unsigned
Impact An attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments: ```python import tensorflow as tf from tensorflow.python.ops import gen_boosted_trees_ops import numpy as np v= tf.Variable([0.0, 0.0, 0.0, 0.0, 0.0])...
5.5CVSS
2.6AI Score
0.0004EPSS
billz/raspap-webgui is vulnerable to Privilege Escalation via OS commaind injection. An attacker can send an input of "a && whoami" to append strval($POST'connect']) to the end of the exec() function in configureclient.php , executing /etc/raspap/hostapd/enablelog.sh as root with no password and...
8.8CVSS
5.6AI Score
0.003EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
5.5AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
6.5AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
5.5AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
3.4AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
3.4AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
3.4AI Score
0.0004EPSS
CVE-2021-37661 Crash caused by integer conversion to unsigned in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boosted_trees_create_quantile_stream_resource by using negative arguments. The implementation does not validate that num_streams only contains non-negative...
5.5CVSS
6AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
5.6AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
6.7AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
3.1AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
3.1AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
5.6AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
3.1AI Score
0.0004EPSS
CVE-2021-37640 Integer division by 0 in sparse reshaping in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but....
5.5CVSS
6.2AI Score
0.0004EPSS
Single-step process for critical ownership transfer/renounce is risky
Handle 0xRajeev Vulnerability details Impact The SwappableYieldSource allows owners and asset managers to set/swap/transfer yield sources/funds. As such, the contract ownership plays a critical role in the protocol. Given that AssetManager is derived from Ownable, the ownership management of this.....
6.8AI Score
The safe versions of transfer/transferFrom are not implemented as expected
Handle 0xRajeev Vulnerability details Impact The āsafeā versions of token transfer/transferFrom as implemented either by OpenZeppelinās SafeERC20 or Uniswap libraries, use a low-level call and make checks on the return data to handle cases where tokens may not return any value on...
6.8AI Score
Malicious owner can drain the market at any time using SafetyWithdraw
Handle 0xRajeev Vulnerability details Impact The withdrawERC20Token() in SafetyWithdraw inherited in TracerPerpetualSwaps is presumably a guarded launch emergency withdrawal mechanism. However, given the trust model where the market creator/owner is potentially untrusted/malicious, this is a...
6.8AI Score
rug pull possible via SafetyWithdraw
Handle gpersoon Vulnerability details Impact The contract TracerPerpetualSwaps inherits from SafetyWithdraw, which means the function withdrawERC20Token is possible, This allows the projectowners to withdraw the ERC20 tokens from the contract, which can be seen as a rug pull Also the tvl variable.....
7AI Score
Initialization functions can be front-run with malicious values
Handle 0xRajeev Vulnerability details Impact Most contracts have public visibility initialization functions that can be front-run, allowing an attacker to incorrectly initialize the contracts. Due to the use of the delegatecall proxy pattern, PrizePool/YieldSourcePrizePool/StakePrizePool,...
6.8AI Score
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...
9.6CVSS
9.1AI Score
0.003EPSS
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...
9.6CVSS
6.6AI Score
0.003EPSS
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...
9.6CVSS
0.003EPSS
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...
9.6CVSS
9AI Score
0.003EPSS
CVE-2021-21382 Unsafe loopback forwarding interface in Restund
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...
8.6CVSS
9.4AI Score
0.003EPSS
GitLab: Stored XSS in Mermaid when viewing Markdown files
Summary GitLab's Mermaid configuration allows an attacker to inject HTML in the rendered Markdown. This can be combined with a CSP bypass using pipeline artifacts to achieve RCE. Steps to reproduce Create a repository on GitLab.com Add the following to .gitlab-ci.yml ```yaml job: script: ...
-0.2AI Score
Incomplete validation in `SparseReshape`
Impact Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. ```python import tensorflow as tf input_indices = tf.constant(41, shape=[1, 1], dtype=tf.int64) input_shape = tf.zeros([11], dtype=tf.int64) new_shape = tf.zeros([1], dtype=tf.int64)...
5.5CVSS
3.5AI Score
0.0004EPSS
Incomplete validation in `SparseReshape`
Impact Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. ```python import tensorflow as tf input_indices = tf.constant(41, shape=[1, 1], dtype=tf.int64) input_shape = tf.zeros([11], dtype=tf.int64) new_shape = tf.zeros([1], dtype=tf.int64)...
5.5CVSS
3.5AI Score
0.0004EPSS
Null pointer dereference via invalid Ragged Tensors
Impact Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: ```python import tensorflow as tf input_tensor = tf.constant([], shape=[0, 0, 0, 0, 0], dtype=tf.float32) filter_tensor = tf.constant([], shape=[0, 0, 0, 0, 0],....
5.5CVSS
2AI Score
0.0004EPSS
Null pointer dereference via invalid Ragged Tensors
Impact Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: ```python import tensorflow as tf input_tensor = tf.constant([], shape=[0, 0, 0, 0, 0], dtype=tf.float32) filter_tensor = tf.constant([], shape=[0, 0, 0, 0, 0],....
5.5CVSS
2AI Score
0.0004EPSS
āļø Description Hard-Coded User Credentials are exposed in the docker file. šµļøāāļø Proof of Concept https://github.com/cythron/gcp/blob/master/%23Dockerfile#L20 š„ Impact Attacker is capable of login using given...
0.9AI Score
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...
5.5CVSS
5.4AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...
5.5CVSS
5.5AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...
5.5CVSS
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...
5.5CVSS
5.5AI Score
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...
5.5CVSS
0.0004EPSS
TensorFlow is an end-to-end open source platform for machine learning. Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...
5.5CVSS
5.6AI Score
0.0004EPSS