Lucene search
K

4722 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:23 p.m.5 views

CVE-2021-29574

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The...

7.8CVSS6.6AI score0.00201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.6 views

CVE-2021-37660

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation has a logic error: it should skip processing i...

5.5CVSS6AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:54 p.m.7 views

CVE-2021-35943

Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513...

9.8CVSS7.1AI score0.01027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 p.m.5 views

CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

5.5CVSS6.8AI score0.00189EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 p.m.5 views

CVE-2021-29589

TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the GatherNd TFLite operator is vulnerable to a division by zero...

7.8CVSS6.6AI score0.00201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 p.m.5 views

CVE-2021-29515

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS6.8AI score0.00201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.16 views

CVE-2020-2300

Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server...

9.8CVSS6.8AI score0.01652EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:7 p.m.8 views

CVE-2020-19888

DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table...

5.9CVSS6.9AI score0.00742EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:10 p.m.21 views

CVE-2018-15556

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

10CVSS7.2AI score0.03258EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:36 p.m.6 views

CVE-2010-1670

Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on SSO functionality, which allows remote attackers to bypass authentication via an empty password. NOTE: some of these...

7.5CVSS7.3AI score0.01554EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:26 a.m.5 views

CVE-2013-5657

AultWare pwStore 2010.8.30.0 has DoS via an empty HTTP request...

7.5CVSS7AI score0.06848EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.6 views

CVE-2019-19747

NeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password provided that the active directo...

9.8CVSS7.3AI score0.01393EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.9 views

CVE-2019-14381

libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot...

7.5CVSS6.8AI score0.0141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:56 a.m.13 views

CVE-2013-3107

VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password...

4.3CVSS7.3AI score0.01713EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 a.m.7 views

CVE-2018-15632

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials...

9.1CVSS7AI score0.0117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:8 a.m.7 views

CVE-2013-2579

TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 have an empty password for the hardcoded "qmik" account, which allows remote attackers to obtain administrative access via a TELNET session...

10CVSS7.3AI score0.03901EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:40 a.m.3 views

CVE-2013-5558

The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238...

10CVSS7AI score0.02096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 11:37 p.m.15 views

CVE-2007-5714

The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code...

6.8CVSS7.7AI score0.01801EPSS
Exploits0References1
OSV
OSV
added 2025/05/21 11:11 a.m.3 views

SUSE-SU-2025:20353-1 Security update for runc

This update for runc fixes the following issues: Update to runc v1.2.6. Upstream changelog is available from . Update to runc v1.2.0rc3. Upstream changelog is available from . - CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092...

3.6CVSS6.3AI score0.00317EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/05/21 12:46 a.m.2 views

SUSE CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

5.5CVSS6.4AI score0.00149EPSS
Exploits0References3
Rows per page
Query Builder