Lucene search
K

293 matches found

PyPA
PyPA
added 2020/09/25 7:15 p.m.6 views

PYSEC-2020-323

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

9.8CVSS6.9AI score0.00893EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/25 7:15 p.m.5 views

PYSEC-2020-322

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses ResolveAxis to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the...

9CVSS6.3AI score0.01227EPSS
Exploits1References4
OSV
OSV
added 2020/07/28 4:15 p.m.2 views

DEBIAN-CVE-2020-15900

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32t. This was fixed...

9.8CVSS8.5AI score0.05186EPSS
Exploits0References1
OSV
OSV
added 2019/07/17 9:15 p.m.4 views

UBUNTU-CVE-2019-1010263

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac. The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit...

9.8CVSS7.3AI score0.01301EPSS
Exploits1References4
OSV
OSV
added 2019/07/16 1:15 p.m.2 views

ALPINE-CVE-2019-1010057

nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...

7.8CVSS6.9AI score0.01654EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 3:15 p.m.1 views

DEBIAN-CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

5.5CVSS5.9AI score0.01464EPSS
Exploits1References1
OSV
OSV
added 2018/12/20 5:29 p.m.1 views

UBUNTU-CVE-2018-1000876

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...

7.8CVSS7.1AI score0.00656EPSS
Exploits1References4
OSV
OSV
added 2018/09/06 5:29 p.m.2 views

CVE-2018-1000660

TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains a Insecure Permissions vulnerability in Function getpackagename in the file kernel/src/tbfheader.rs, variable "pub packagename: &'static str," in the file process.r...

7.5CVSS5.8AI score0.01271EPSS
Exploits0References1
OSV
OSV
added 2018/07/23 3:29 p.m.6 views

UBUNTU-CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

6.5CVSS5.8AI score0.01763EPSS
Exploits0References3
NVD
NVD
added 2018/07/13 6:29 p.m.34 views

CVE-2018-1000207

MODX Revolution version =2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. This vulnerability appea...

7.2CVSS7AI score0.64088EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2018/05/24 7:35 a.m.15 views

unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS5.7AI score0.04913EPSS
Exploits0References5
OSV
OSV
added 2018/04/06 5:29 p.m.37 views

UBUNTU-CVE-2013-6876

The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...

7.8CVSS7.1AI score0.00587EPSS
Exploits0References4
phpMyAdmin
phpMyAdmin
added 2011/02/11 12:0 a.m.29 views

SQL query could be executed under another user.

PMASA-2011-2 Announcement-ID: PMASA-2011-2 Date: 2011-02-11 Summary SQL query could be executed under another user. Description It was possible to create a bookmark which would be executed unintentionally by other users. Severity We consider this vulnerability to be critical. Mitigation factor To...

6.5CVSS5.7AI score0.02728EPSS
Exploits0Affected Software1
Rows per page
Query Builder