CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

405 matches found

Prion•added 2022/09/16 11:15 p.m.•13 views

Stack overflow

TensorFlow is an open source platform for machine learning. When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in...

5CVSS7.7AI score0.00534EPSS

Exploits0References4Affected Software1

Cvelist•added 2022/09/16 10:35 p.m.•18 views

CVE-2022-36014 Null-dereference in `mlir::tfg::TFOp::nameAttr` in TensorFlow

5.9CVSS7.8AI score0.00534EPSS

Exploits0References4

CVE•added 2022/09/16 10:35 p.m.•90 views

CVE-2022-36014

TensorFlow vulnerability CVE-2022-36014: a null dereference in mlir::tfg::TFOp::nameAttr when provided a null type list, causing a crash (denial of service potential). Fixed in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The patch will be ...

7.5CVSS6.5AI score0.00534EPSS

Exploits0References4Affected Software1

Debian CVE•added 2022/09/16 10:35 p.m.•5 views

CVE-2022-36014

7.5CVSS7AI score0.00534EPSS

Exploits0

Github Security Blog•added 2022/09/16 9:20 p.m.•36 views

TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`

Impact When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. cpp StatusOr GraphDefImporter::ArgNumTypeconst NamedAttrList &attrs, const OpDef::ArgDef &argdef, SmallVectorImpl &types // Check whether a type list attribute is specified. if !argdef.typelistattr.empty if auto...

7.5CVSS7.5AI score0.00534EPSS

Exploits0References7Affected Software3

Positive Technologies•added 2022/09/16 12:0 a.m.•4 views

PT-2022-23114 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when mlir::tfg::TFOp::nameAttr receives null type list...

7.5CVSS7.8AI score0.00534EPSS

Exploits0References10

RedhatCVE•added 2022/08/09 12:7 p.m.•32 views

CVE-2022-36882

A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

8.8CVSS3.7AI score0.0058EPSS

Exploits0References4

Fedora•added 2022/08/04 1:35 a.m.•25 views

[SECURITY] Fedora 36 Update: osbuild-composer-58-1.fc36

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients...

0.9AI score

Exploits0

Fedora•added 2022/07/31 1:37 a.m.•14 views

[SECURITY] Fedora 36 Update: osbuild-composer-57-2.fc36

0.9AI score

Exploits0

Fedora•added 2022/07/22 5:11 a.m.•15 views

[SECURITY] Fedora 35 Update: osbuild-composer-57-1.fc35

0.9AI score

Exploits0

OpenVAS•added 2022/07/21 12:0 a.m.•11 views

Fedora: Security Advisory for osbuild-composer (FEDORA-2022-3e1ade35db)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

Fedora•added 2022/07/20 1:40 a.m.•26 views

[SECURITY] Fedora 35 Update: osbuild-composer-56-2.fc35

0.9AI score

Exploits0

ATTACKERKB•added 2022/07/18 11:15 p.m.•1 views

CVE-2022-34636

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address translation...

5.5CVSS5.9AI score0.00237EPSS

Exploits1References3

NVD•added 2022/07/18 11:15 p.m.•14 views

CVE-2022-34636

5.5CVSS0.00237EPSS

Exploits1References2

Fedora•added 2022/07/13 2:0 a.m.•43 views

[SECURITY] Fedora 36 Update: osbuild-composer-55-2.fc36

9.3CVSS0.9AI score0.05292EPSS

Exploits4

Fedora•added 2022/07/09 1:24 a.m.•16 views

[SECURITY] Fedora 36 Update: osbuild-composer-56-1.fc36

0.9AI score

Exploits0

Fedora•added 2022/07/04 1:35 a.m.•30 views

[SECURITY] Fedora 36 Update: fzf-0.30.0-3.fc36

fzf is a general-purpose command-line fuzzy finder. It's an interactive Unix filter for command-line that can be used with any list; files, command history, processes, hostnames, bookmarks, git commits, etc...

9.3CVSS8.2AI score0.05994EPSS

Exploits4

NVD•added 2022/06/25 7:15 a.m.•24 views

CVE-2022-24893

ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK ESP-BLE-MESH, a memory corruption vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU. This can result in memory corruption...

8.8CVSS0.00521EPSS

Exploits0References1

Vulnrichment•added 2022/06/25 6:55 a.m.•9 views

CVE-2022-24893 Espressif Bluetooth Mesh Stack Vulnerable to Out-of-bounds Write leading to memory buffer corruption

7.5CVSS7.2AI score0.00521EPSS

Exploits0References1

Cvelist•added 2022/05/31 4:10 p.m.•34 views

CVE-2022-29220 No verification of commits origin in github-action-merge-dependabot

github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests PRs. Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set t...

6.5CVSS6.6AI score0.00456EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by