Lucene search
K

50 matches found

CNNVD
CNNVD
added 2024/01/18 12:0 a.m.4 views

Nextcloud Security Breach

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from improper handling of request URLs, which allows users to load unallowed application pages...

5.4CVSS6.8AI score0.0051EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-29521

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in tf.rawops.SparseCountSparseOutput results in a segmentation fault being thrown out from the standard library as std::vector invariants are broken. This is because the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-29559

TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode. This is because the...

7.1CVSS6.9AI score0.00198EPSS
Exploits1References3
PyPA
PyPA
added 2022/11/14 9:15 p.m.5 views

PYSEC-2022-43000

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0...

9.8CVSS6.8AI score0.00876EPSS
Exploits1References5Affected Software1
Circl
Circl
added 2022/10/27 2:28 p.m.6 views

CVE-2022-2508

creationtimestamp| type| source ---|---|--- 2022-10-27 14:28:28+00:00| seen| https://t.me/cibsecurity/52144...

5.3CVSS5.5AI score0.00513EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/13 12:0 a.m.4 views

Rdiffweb 安全漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.0 that stems from its failure to limit or throttle resource...

9.8CVSS6.5AI score0.00345EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.3 views

PT-2021-23187 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.0 through 2.6.0 will be fixed in 2.6.1 TensorFlow versions 2.5.0 through 2.5.1 will be fixed in 2.5.2 TensorFlow versions 2.4.0 through 2.4.3 will be fixed in 2.4.4 Description: The...

7.8CVSS7.4AI score0.0021EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.2 views

PT-2021-23169 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.0 through 2.6.0 TensorFlow versions 2.5.0 through 2.5.1 TensorFlow versions 2.4.0 through 2.4.3 Description: TensorFlow allows tensors to have a large number of dimensions and each...

6.8CVSS5.3AI score0.00307EPSS
Exploits1References18
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.5 views

Zephyr 资源管理错误漏洞

Zephyr is an open source, small, scalable, real-time operating system. Zephyr 2.4.0 and later, 2.5.0 and later are vulnerable to a resource management error that stems from disconnecting the L2CAP channel immediately after an invalid ATT request causes a freeze. No detailed vulnerability details...

7.5CVSS5.6AI score0.01071EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/02 12:0 a.m.5 views

Schneider Electric GP-Pro EX 代码问题漏洞

Schneider Electric GP-Pro EX is a suite of HMI interface editing and logic programming software from Schneider Electric France. A code issue vulnerability exists in Schneider Electric GP-Pro EX, which arises from the product's failure to properly filter special elements in the search path. The...

7.8CVSS7.6AI score0.00328EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/08/25 2:43 p.m.12 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37641 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...

7.3CVSS6.3AI score0.00167EPSS
Exploits0
OSV
OSV
added 2021/07/21 3:16 p.m.4 views

CVE-2021-2445

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.5.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion...

5.7CVSS5.8AI score0.00831EPSS
Exploits0References1
PyPA
PyPA
added 2021/05/14 8:15 p.m.5 views

PYSEC-2021-200

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

5.5CVSS7.1AI score0.00189EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-518

TensorFlow is an end-to-end open source platform for machine learning. The implementations of the Minimum and Maximum TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting...

7.1CVSS6.9AI score0.00198EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-529

TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issuehttps://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.ccL70-L76. An...

7.1CVSS7.2AI score0.00192EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.8 views

PYSEC-2021-448

TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to tf.rawops.Conv3DBackprop operations can result in heap buffer overflows. This is because the...

7.8CVSS7.2AI score0.00224EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-236

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.ccL63-L65. An attack...

7.8CVSS6.9AI score0.00209EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.5 views

PYSEC-2021-522

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution codehttps://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc has multiple division where the divisor is controlled by the user and not checked ...

7.8CVSS7AI score0.00201EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-697

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

7.8CVSS7.5AI score0.0024EPSS
Exploits1References2
OSV
OSV
added 2021/05/14 8:15 p.m.3 views

PYSEC-2021-179

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...

5.5CVSS6.3AI score0.00198EPSS
Exploits1References2
Rows per page
Query Builder