Lucene search
K

114 matches found

pypa
pypa
added 2021/05/14 8:15 p.m.9 views

PYSEC-2021-696

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

7.1CVSS7AI score0.00154EPSS
Exploits0References2Affected Software1
osv
osv
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-236

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.ccL63-L65. An attack...

7.8CVSS5.9AI score0.00209EPSS
Exploits1References2
pypa
pypa
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-471

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.CTCGreedyDecoder. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1References2Affected Software1
osv
osv
added 2021/05/14 8:15 p.m.8 views

PYSEC-2021-227

TensorFlow is an end-to-end open source platform for machine learning. The implementations of the Minimum and Maximum TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting...

7.1CVSS7AI score0.00198EPSS
Exploits1References2
osv
osv
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-681

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.FusedBatchNorm. This is because the...

5.5CVSS6.1AI score0.00189EPSS
Exploits1References2
osv
osv
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-676

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.FractionalAvgPool. This is because the...

5.5CVSS5.9AI score0.00189EPSS
Exploits1References2
osv
osv
added 2021/05/14 8:15 p.m.5 views

PYSEC-2021-210

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0. The...

5.5CVSS6.1AI score0.00189EPSS
Exploits1References2
debiancve
debiancve
added 2021/05/14 7:21 p.m.4 views

CVE-2021-29597

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...

7.8CVSS6.9AI score0.00201EPSS
Exploits1
debiancve
debiancve
added 2021/05/14 7:15 p.m.3 views

CVE-2021-29577

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.AvgPool3DGrad is vulnerable to a heap buffer overflow. The...

7.8CVSS7.3AI score0.00211EPSS
Exploits1
debiancve
debiancve
added 2021/05/14 7:10 p.m.4 views

CVE-2021-29552

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1
osv
osv
added 2021/05/11 5:0 p.m.9 views

UBUNTU-CVE-2021-3489

The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee "bp...

7.8CVSS7.1AI score0.0055EPSS
Exploits0References7
prion
prion
added 2021/03/03 2:15 a.m.22 views

Remote code execution

Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was...

6.8CVSS9.2AI score0.04269EPSS
Exploits1References7Affected Software2
osv
osv
added 2021/02/26 10:15 p.m.7 views

AZL-6843 CVE-2021-21309 affecting package redis for versions less than 5.0.5-7

Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for...

8.8CVSS7.3AI score0.047EPSS
Exploits0References1
altlinux
altlinux
added 2020/11/13 12:0 a.m.161 views

Security fix for the ALT Linux 9 package mariadb version 10.4.17-alt1

10.4.17-alt1 built Nov. 13, 2020 Alexey Shabalin in task 261687 Nov. 12, 2020 Alexey Shabalin - 10.4.17 - backport fix for MDEV-24096, MDEV-24121, MDEV-24134 - Fixes for the following security vulnerabilities: + CVE-2020-14812 + CVE-2020-14765 + CVE-2020-14776 + CVE-2020-14789 + CVE-2020-15180...

6.8CVSS6.4AI score0.05539EPSS
Exploits0
oraclelinux
oraclelinux
added 2014/09/17 12:0 a.m.49 views

krb5 security and bug fix update

1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341 1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...

7.8CVSS1.3AI score0.07138EPSS
Exploits0
nessus
nessus
added 2013/07/12 12:0 a.m.23 views

Oracle Linux 4 : openoffice.org (ELSA-2007-0001)

From Red Hat Security Advisory 2007:0001 : Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word...

9.3CVSS6AI score0.0824EPSS
Exploits0References2
redhat
redhat
added 2009/12/07 5:11 p.m.28 views

Important: Red Hat Security Advisory: acpid security update

An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to...

6.9CVSS5.7AI score0.00309EPSS
Exploits1References3
altlinux
altlinux
added 2009/07/28 12:0 a.m.80 views

Security fix for the ALT Linux 8 package bind version 9.3.6-alt5

July 28, 2009 Dmitry V. Levin 9.3.6-alt5 - Backported upstream fix for a remote DoS bug CVE-2009-0696...

4.3CVSS7.1AI score0.12649EPSS
Exploits1
openvas
openvas
added 2009/03/06 12:0 a.m.26 views

RedHat Update for openoffice.org RHSA-2008:0537-01

Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2008:0537-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

9.3CVSS7.6AI score0.05748EPSS
Exploits1References2
openvas
openvas
added 2009/02/27 12:0 a.m.41 views

CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 i386

Check for the Version of openoffice.org2-base OpenVAS Vulnerability Test CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

9.3CVSS7.6AI score0.05748EPSS
Exploits1References2
Rows per page
Query Builder