Lucene search
K

41 matches found

OSV
OSV
added 2024/05/17 3:15 p.m.1 views

DEBIAN-CVE-2023-52678

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing listfirstentry in kfdtopology.c Before using listfirstentry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below:...

5.5CVSS5.5AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to verify that a list is non-empty before using listfirstentry in kfdtopology.c. The vulnerability...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-29515

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS7.6AI score0.00201EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/05/18 2:2 p.m.4 views

buildah: Default inheritable capabilities for linux container should be empty

A flaw was found in buildah, where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs wi...

6.8CVSS5.7AI score0.01225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/04/26 8:56 p.m.3 views

podman: Default inheritable capabilities for linux container should be empty

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5CVSS5.7AI score0.01441EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 8:15 p.m.7 views

AZL-11513 CVE-2022-27651 affecting package buildah for versions less than 1.18.0-8

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with...

6.8CVSS6.7AI score0.01225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.3 views

CVE-2022-27650

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5CVSS5.8AI score0.01124EPSS
Exploits0References6
OSV
OSV
added 2022/04/04 8:15 p.m.5 views

AZL-36934 CVE-2022-27651 affecting package buildah for versions less than 1.41.4-2

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with...

6.8CVSS6.7AI score0.01225EPSS
Exploits0References1
OSV
OSV
added 2022/04/04 8:15 p.m.28 views

CVE-2022-27649

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5CVSS7.3AI score
Exploits0References6
OSV
OSV
added 2022/04/04 8:15 p.m.3 views

DEBIAN-CVE-2022-27649

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...

7.5CVSS6.8AI score0.01441EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/30 12:0 a.m.2 views

crun 安全漏洞

crun is an OCI Open Container Initiative container runtime library written in C. The vulnerability is caused by a vulnerability in a product that incorrectly starts containers with non-empty default privileges. A security vulnerability exists in crun that stems from an affected product incorrectl...

6.8CVSS7.5AI score0.01225EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2021/08/12 12:0 a.m.4 views

PT-2021-21791 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can trigger a denial of service via a CHECK-fail in tf.raw...

9.3CVSS5.6AI score0.00451EPSS
Exploits5References86
Veracode
Veracode
added 2021/05/17 5:53 a.m.22 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. A NULL pointer dereference occurs in MatrixDiag ops as the implementation does not validate that the tensor arguments are non-empty...

7.8CVSS4.9AI score0.00201EPSS
Exploits1References3Affected Software3
PyPA
PyPA
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-641

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS7AI score0.00201EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-152

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS7AI score0.00201EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-443

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS7AI score0.00201EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-152

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

7.8CVSS5.9AI score0.00201EPSS
Exploits1References2
CNVD
CNVD
added 2016/12/21 12:0 a.m.2 views

yxcms V1.3.9 Arbitrary File Deletion Vulnerability in 'tpdel' Function

YXcms is a website management system based on PHP+MySql with a lightweight MVC design model. The yxcms V1.3.9 'tpdel' function is vulnerable to arbitrary file deletion. Since the function only passes a non-empty judgment on the string Mname fname, as long as the path is correct, arbitrary files c...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/07/02 12:0 a.m.11 views

PT-2016-6216 · Red Hat +4 · Libvirt +5

Name of the Vulnerable Software and Affected Versions: libvirt versions prior to 2.0.0 Description: The issue allows remote attackers to bypass authentication and establish a VNC session by connecting to the server when the password on a VNC server is set to an empty string. Recommendations: For...

9.8CVSS8.2AI score0.74041EPSS
Exploits11References82
OSV
OSV
added 2014/12/16 12:0 a.m.6 views

UBUNTU-CVE-2014-9323

The xdrstatusvector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service NULL pointer dereference, segmentation fault, and crash via an opresponse action with a non-empty status...

5CVSS5.8AI score0.02896EPSS
Exploits1References6
Rows per page
Query Builder