CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

CVE-2020-14015

An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a...

ABB多款产品 代码问题漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

TYPO3 代码问题漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A code issue vulnerability exists in TYPO3 versions prior to 12.4.31 LTS and prior to 13.4.2 LTS, which stems from the vulnerability of Webhooks to cross-site request forgery attacks...

GNU C Library 代码问题漏洞

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. A code issue vulnerability exists in GNU C Library, which can be exploited by an attacker to cause dynamic shared library loading...

Cap Collectif 代码问题漏洞

Cap Collectif is a fully customizable online platform from Cap Collectif Open Source. Cap Collectif has a code issue vulnerability that stems from DebateAlternateArgumentsResolver deserializing a Cursor object, which could lead to remote code execution...

SAP Supplier Relationship Management 代码问题漏洞

SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides invoicing and other functionality. A code issue vulnerability exists in...

Intel Graphics Drivers 代码问题漏洞

Intel Graphics Drivers is an integrated graphics driver from Intel Corporation USA. A code issue vulnerability exists in Intel Graphics Drivers that stems from an uncontrolled search path that could lead to local elevation of privilege...

Siemens SIMATIC PCS neo 代码问题漏洞

Siemens SIMATIC PCS neo is a distributed control system from Siemens, Germany. A code issue vulnerability exists in Siemens SIMATIC PCS neo that originates from a user logging off and not properly disabling the session, which could lead to session reuse...

Intel Graphics 代码问题漏洞

Intel Graphics is a family of graphics cards from Intel Corporation USA. A code issue vulnerability exists in Intel Graphics that stems from insufficient control over search paths and could lead to elevation of privilege...

Intel Advisor 代码问题漏洞

Intel Advisor is a design and analysis tool for developing high-performance code from Intel Corporation USA. A code issue vulnerability exists in Intel Advisor that stems from an improperly controlled search path that could lead to elevation of privilege...

Microsoft Office Sharepoint Server 代码问题漏洞

Microsoft Office Sharepoint Server is a web-based content management and collaboration tool designed for enterprise customers by Microsoft. The initial version of the software existed in the form of Office components, and is still greatly dependent on Office to provide enterprise portals, documen...

Intel Arc 代码问题漏洞

Intel Arc is a family of graphics cards from Intel Corporation USA. A code issue vulnerability exists in Intel Arc that stems from improper checking of certain conditions and could lead to a local denial of service attack...

Intel Ethernet Connection 代码问题漏洞

Intel Ethernet Connection is a family of Ethernet controllers from Intel Corporation USA. A code issue vulnerability exists in Intel Ethernet Connection versions prior to 29.4, which stems from improperly controlled search paths that could result in elevated privileges...

Intel Tiber Edge Platform Edge Orchestrator 代码问题漏洞

Intel Tiber Edge Platform Edge Orchestrator is an enterprise-class edge computing orchestration management platform from Intel Corporation Intel. A code issue vulnerability exists in Intel Tiber Edge Platform Edge Orchestrator that stems from improper condition checking and could lead to a denial...

Intel RealSense SDK 代码问题漏洞

Intel RealSense SDK is a depth-aware camera development kit from Intel Corporation USA that supports 3D vision application development. A code issue vulnerability exists in Intel RealSense SDK versions prior to 2.56.2, which stems from improperly controlled search paths and could lead to elevatio...

Intel Network Adapters 代码问题漏洞

Intel Network Adapters is a family of adapters from Intel Corporation USA. A code issue vulnerability exists in Intel Network Adapters versions prior to 11 29.4, which stems from insufficient search path control and could lead to elevation of privilege...

Intel Graphics 代码问题漏洞

Intel Graphics is a family of graphics cards from Intel Corporation USA. A code issue vulnerability exists in Intel Graphics that stems from an improperly controlled search path that could lead to elevation of privilege...

IBM Jazz Reporting Service Code Issue Vulnerability

IBM Jazz Reporting Service is a suite of ready-to-use reporting components from International Business Machines IBM. The product includes features such as report generation, data collection and lifecycle queries. A code issue vulnerability exists in IBM Jazz Reporting Service that stems from a...

Discord 代码问题漏洞

Discord is a free chat service from Discord Inc. A code issue vulnerability exists in Discord version 1.0.9188, which stems from an uncontrolled search path in the library WINSTA.dll...