150 matches found
Open Networking Foundation ONOS 安全漏洞
Open Networking Foundation ONOS is an open source SDN controller from Open Networking Foundation open source. for building next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS version 2.5.1 that originates from the installation of invalid flow rule...
SUSE CVE-2021-29558
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...
SUSE CVE-2021-29559
TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode. This is because the...
SUSE CVE-2021-36783
A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE...
SUSE CVE-2022-21729
Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...
Rdiffweb 安全漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.0 that stems from its failure to limit or throttle resource...
PT-2022-4712
Name of the Vulnerable Software and Affected Versions SUSE Rancher versions prior to 2.6.4 Rancher versions prior to 2.5.13 Description A vulnerability in SUSE Rancher allows authenticated users, including Cluster Owners, Cluster Members, Project Owners, and Project Members, to read credentials,...
bVPN 代码问题漏洞
bVPN is a VPN software from the Dutch company bVPN. A security vulnerability exists in bVPN 2.5.1 via a carefully crafted file in the waselvpnserv service path...
CVE-2022-25582
A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...
DEBIAN-CVE-2022-21695
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users or unauthenticated in public mode can send messages without being visible in the list of chat participants. Th...
UBUNTU-CVE-2022-21688
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an undisclosed vulnerability in the QT image parsing...
Netgear NETGEAR 注入漏洞
Netgear NETGEAR is a router from the American company Netgear. A hardware device that connects two or more networks and acts as a gateway between networks. An injection vulnerability exists in NETGEAR devices that are subject to server-side injection. The following products and versions are...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41206 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent =0.0.9, =0.3.0, =0.4.1 Source cves: CVE-2021-41206 Source advisory: OSV:GHSA-PGCQ-H79J-2F69...
CVE-2021-41208
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...
PYSEC-2021-391
TensorFlow is an open source platform for machine learning. In affected versions if tf.tile is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t type and th...
CVE-2021-3581
Buffer Access with Incorrect Length Value in zephyr. Zephyr versions = =2.5.0 contain Buffer Access with Incorrect Length Value CWE-805. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q65-5gqf-fmw5...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37641 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37642 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
PYSEC-2021-305
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error. There is no check that the divisor tensor does not contain zero elements. We have patched the issue in GitHub commit...
GHSA-84MW-34W6-2Q43 Null pointer dereference via invalid Ragged Tensors
Impact Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float32 filtertensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float3...