Lucene search
+L

183 matches found

NVD
NVD
added 2020/09/25 7:15 p.m.30 views

CVE-2020-15191

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

5.3CVSS0.00749EPSS
Exploits1References4
OSV
OSV
added 2020/09/25 7:15 p.m.14 views

CVE-2020-15191

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

5.3CVSS5.1AI score
Exploits0References4
OSV
OSV
added 2020/07/06 7:29 p.m.12 views

USN-4411-1 linux, linux-aws, inux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux-riscv vulnerabilities

It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information kernel memory. CVE-2020-10732 Matthew Sheets discovered that the SELinux network label handlin...

6.7CVSS6.8AI score0.04505EPSS
Exploits0References6
NVD
NVD
added 2020/05/11 11:15 p.m.16 views

CVE-2020-10058

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References4
OSV
OSV
added 2020/05/11 11:15 p.m.8 views

CVE-2020-10028

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

7.8CVSS7.1AI score0.00396EPSS
Exploits0References5
OSV
OSV
added 2020/05/11 11:15 p.m.6 views

CVE-2020-10058

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

7.8CVSS5.8AI score0.00396EPSS
Exploits0References4
Prion
Prion
added 2020/05/11 11:15 p.m.23 views

Design/Logic Flaw

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

4.6CVSS7.6AI score0.00396EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2020/05/11 10:26 p.m.69 views

CVE-2020-10058

CVE-2020-10058 affects Zephyr Project RTOS (Kscan subsystem). The issue arises from insufficient parameter validation in multiple Kscan syscalls, enabling a local user to potentially gain elevated privileges. Publicly documented details from CNVD-2020-35003 confirm Zephyr 2.1.0 and later are affe...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/05/11 10:26 p.m.17 views

CVE-2020-10058 Multiple Syscalls In kscan Subsystem Performs No Argument Validation

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/05/11 10:26 p.m.18 views

CVE-2020-10028 Multiple Syscalls In GPIO Subsystem Performs No Argument Validation

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

7.8CVSS7.7AI score0.00396EPSS
Exploits0References5
CVE
CVE
added 2020/05/11 10:26 p.m.73 views

CVE-2020-10028

CVE-2020-10028 concerns Zephyr RTOS, specifically the GPIO subsystem, where multiple syscalls perform no argument validation. Root cause: insufficient validation on syscall parameters, enabling possible improper access or misuse. Affected: Zephyr versions 1.14.0 and later, including 2.1.0 and lat...

7.8CVSS7.7AI score0.00396EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/26 12:0 a.m.5 views

The vulnerability of the docker-compose-remote-api package from the package manager NPM allows a attacker to execute arbitrary commands.

The vulnerability of the docker-compose-remote-api package from the package manager NPM is related to insufficient validation of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the target system remotely...

10CVSS8.1AI score0.02644EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.4 views

The vulnerability of the microprogrammed wireless access point software for Moxa AWK-3121 lies in insufficient validation of arguments passed in commands, allowing attackers to execute arbitrary commands with root privileges.

The vulnerability of the microprogrammed wireless access point software for Moxa AWK-3121 lies in insufficient verification of the arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges, using a specially crafted...

10CVSS8AI score0.05349EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco Webex Video Mesh software allows a malicious actor to execute arbitrary commands.

The vulnerability of the Cisco Webex Video Mesh software control web interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS7.4AI score0.03507EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.6 views

The vulnerability of the command-line interface of the FortiExtender signal booster software arises from insufficient validation of arguments passed in commands, allowing attackers to execute arbitrary commands.

The vulnerability of the command-line interface of the FortiExtender signal booster software relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7.5AI score0.01907EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/22 12:0 a.m.5 views

The vulnerability of the xpack.security.audit.enabled component of the Kibana data visualization service allows a perpetrator to execute arbitrary commands.

The vulnerability of the xpack.security.audit.enabled component of the Kibana data visualization service is related to insufficient validation of arguments passed to commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS8AI score0.03908EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/09 12:0 a.m.11 views

The vulnerability of D-Link DIR-655, D-Link DIR-866L, D-Link DIR-652, and D-Link DHP-1565 router microprogramming software lies in insufficient checking of arguments passed in commands, allowing attackers to execute arbitrary code.

The vulnerability of D-Link DIR-655, D-Link DIR-866L, D-Link DIR-652, and D-Link DHP-1565 router microprogramming software is related to insufficient testing of the arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a...

10CVSS8.2AI score0.99996EPSS
Exploits5References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.8 views

The vulnerability in the Web UI of the Cisco IOS XE operating system, which allows a hacker to execute arbitrary commands with elevated privileges

The vulnerability of the Cisco IOS XE operating system’s Web UI is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with elevated privileges remotely...

8CVSS5.8AI score0.02543EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/18 12:0 a.m.5 views

The vulnerability of the command-line interface of the network operating system NX-OS, which allows a hacker to escalate their privileges and execute arbitrary commands.

The vulnerability of the command-line interface CLI of the NX-OS network operating system is related to insufficient checking of arguments passed to certain CLI commands. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary commands...

4.4CVSS5.8AI score0.00543EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.5 views

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system in Cisco devices allows a attacker to gain access to internal services.

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system devices relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow attackers to gain access to internal services...

5.3CVSS6.2AI score0.00423EPSS
Exploits0References3
Rows per page
Query Builder