CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8009 matches found

PyPA•added 2021/11/05 11:15 p.m.•5 views

PYSEC-2021-835

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

7.8CVSS7.8AI score0.00208EPSS

Exploits1References2Affected Software1

OSV•added 2021/11/05 11:15 p.m.•2 views

PYSEC-2021-835

7.8CVSS7.2AI score0.00208EPSS

Exploits1References2

OSV•added 2021/11/05 11:15 p.m.•4 views

PYSEC-2021-420

7.8CVSS7.2AI score0.00208EPSS

Exploits1References2

Debian CVE•added 2021/11/05 10:25 p.m.•4 views

CVE-2021-41228

7.8CVSS7.8AI score0.00208EPSS

Exploits1

Positive Technologies•added 2021/11/05 12:0 a.m.•3 views

PT-2021-23201 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: TensorFlow's saved model cli tool is vulnerable to a code injection as it calls...

7.8CVSS7.7AI score0.00208EPSS

Exploits1References19

CNNVD•added 2021/11/05 12:0 a.m.•4 views

Google TensorFlow 代码注入漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An operating system command injection vulnerability exists in Google TensorFlow, which stems from the fact that the savedmodelcli tool is vulnerable to code injection because it calls eval on a...

7.8CVSS6.2AI score0.00208EPSS

Exploits1References3

RedHat Linux•added 2021/11/03 8:41 p.m.•23 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.49 security update

Red Hat OpenShift Container Platform release 4.6.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

7.8CVSS7.1AI score0.00499EPSS

Exploits0References2

Tenable Nessus•added 2021/11/03 12:0 a.m.•23 views

Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc)

According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to incomplete validation of user input for a specific CLI command. An authenticated, local attacker can exploit this, by authenticating to the device with administrative privileges, in order to overwrite...

6.6CVSS6.3AI score0.00207EPSS

Exploits0References4

Tenable Nessus•added 2021/10/28 12:0 a.m.•40 views

SUSE SLES15 Security Update : containerd, docker, runc (SUSE-SU-2021:3506-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3506-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker...

8.5CVSS6.9AI score0.06604EPSS

Exploits5References23

Tenable Nessus•added 2021/10/28 12:0 a.m.•255 views

openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:3506-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3506-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be...

8.5CVSS6.9AI score0.06604EPSS

Exploits5References23

OSV•added 2021/10/27 7:15 p.m.•3 views

CVE-2021-34755

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory...

7.8CVSS7.3AI score0.00262EPSS

Exploits0References1

NVD•added 2021/10/27 7:15 p.m.•11 views

CVE-2021-34756

7.8CVSS0.00262EPSS

Exploits0References1

NVD•added 2021/10/27 7:15 p.m.•12 views

CVE-2021-34755

7.8CVSS0.00262EPSS

Exploits0References1

Prion•added 2021/10/27 7:15 p.m.•14 views

Input validation

A vulnerability in Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete...

6.6CVSS6.2AI score0.00207EPSS

Exploits0References1Affected Software3

Prion•added 2021/10/27 7:15 p.m.•13 views

Information disclosure

7.2CVSS7.8AI score0.00262EPSS

Exploits0References1Affected Software3

Prion•added 2021/10/27 7:15 p.m.•10 views

Information disclosure

7.2CVSS7.8AI score0.00262EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2021/10/27 6:55 p.m.•10 views

CVE-2021-34761 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability

4.4CVSS7AI score0.00207EPSS

Exploits0References1

Cvelist•added 2021/10/27 6:55 p.m.•17 views

CVE-2021-34756 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

6.7CVSS8.1AI score0.00262EPSS

Exploits0References1

CVE•added 2021/10/27 6:55 p.m.•75 views

CVE-2021-34755

Cisco Firepower Threat Defense (FTD) Software CLI contains multiple command injection vulnerabilities. An authenticated, local attacker could exploit insufficient validation of user-supplied command arguments to execute arbitrary commands with root privileges on the underlying OS, including when ...

7.8CVSS7.4AI score0.00262EPSS

Exploits0References1Affected Software3

Cvelist•added 2021/10/27 6:55 p.m.•15 views

CVE-2021-34755 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

6.7CVSS8.1AI score0.00262EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by