1430 matches found

PyPA
added 2021/11/05 10:15 p.m. · 3 views

PYSEC-2021-825

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

CVSS 5.5 · AI score 7.4 · EPSS 0.00017
Exploits: 0 · References: 2 · Affected Software: 1
PyPA
added 2021/11/05 10:15 p.m. · 3 views

PYSEC-2021-627

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

CVSS 5.5 · AI score 7.4 · EPSS 0.00017
Exploits: 0 · References: 2 · Affected Software: 1
OSV
added 2021/11/05 10:15 p.m. · 3 views

PYSEC-2021-825

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

CVSS 5.5 · AI score 6.2 · EPSS 0.00017
Exploits: 0 · References: 2
Debian CVE
added 2021/11/05 10:5 p.m. · 2 views

CVE-2021-41218

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

CVSS 5.5 · AI score 7.3 · EPSS 0.00017
Exploits: 0
Positive Technologies
added 2021/11/05 12:0 a.m. · 2 views

PT-2021-23191 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0; TensorFlow versions 2.6.1 and earlier; TensorFlow versions 2.5.2 and earlier; TensorFlow versions 2.4.4 and earlier. Description: TensorFlow is an open source platform for machine learning. In affected versions...

CVSS 5.5 · AI score 5.5 · EPSS 0.00017
Exploits: 0 · References: 16
RedHat Linux
added 2021/09/27 7:40 a.m. · 3 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
RedHat Linux
added 2021/09/22 9:6 a.m. · 3 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
RedHat Linux
added 2021/09/22 8:55 a.m. · 2 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
RedHat Linux
added 2021/09/21 1:22 p.m. · 1 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
Github Security Blog
added 2021/08/30 4:15 p.m. · 47 views

Ethereum Contains Consensus Flaw During Block Processing

Impact: A vulnerability in the Geth EVM could cause a node to reject the canonical chain. Description: A memory-corruption bug within the EVM can cause a consensus error, where vulnerable nodes obtain a different stateRoot when processing a maliciously crafted transaction. This, in turn, would lead...

CVSS 7.5 · AI score 7 · EPSS 0.00289
Exploits: 0 · References: 6 · Affected Software: 1
RedHat Linux
added 2021/08/26 10:21 a.m. · 1 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
RedHat Linux
added 2021/08/26 10:18 a.m. · 2 views

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

CVSS 7.5 · AI score 7.1 · EPSS 0.00506
Exploits: 1 · References: 5
OSV
added 2021/08/25 8:52 p.m. · 9 views

GHSA-WP34-MQW5-JJ85 Use after free in nano_arena

Affected versions of this crate assumed that Borrow was guaranteed to return the same value on .borrow. The borrowed index value was used to retrieve a mutable reference to a value. If the Borrow implementation returned a different index, the split arena would allow retrieving the index as a...

CVSS 9.8 · AI score 9.5 · EPSS 0.00509
Exploits: 1 · References: 5
OSV
added 2021/08/25 8:43 p.m. · 15 views

GHSA-Q89X-F52W-6HJ2 Headers containing newline characters can split messages in hyper

Serializing of headers to the socket did not filter the values for newline bytes \r or \n, which allowed for header values to split a request or response. People would not likely include newlines in the headers in their own applications, so the way for most people to exploit this is if an...

CVSS 5.3 · AI score 5.1 · EPSS 0.00215
Exploits: 0 · References: 4
Github Security Blog
added 2021/08/25 8:43 p.m. · 46 views

Headers containing newline characters can split messages in hyper

Serializing of headers to the socket did not filter the values for newline bytes \r or \n, which allowed for header values to split a request or response. People would not likely include newlines in the headers in their own applications, so the way for most people to exploit this is if an...

CVSS 5.3 · AI score 5.4 · EPSS 0.00215
Exploits: 0 · References: 4 · Affected Software: 1
OSV
added 2021/08/25 2:42 p.m. · 1 views

GHSA-F5CX-5WR3-5QRC Reference binding to nullptr in boosted trees

Impact An attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature: python import tensorflow as tf tf.rawops.BoostedTreesCalculateBestGainsPerFeature nodeidrange=, statssummarylist=1,2,3, l1=1.0, l2=1.0, treecomplexity =1.0,...

CVSS 7.1 · AI score 5.8 · EPSS 0.00106
Exploits: 0 · References: 8
OSV
added 2021/08/25 2:42 p.m. · 1 views

GHSA-R4C4-5FPQ-56WG Heap OOB in boosted trees

Impact An attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to BoostedTreesSparseCalculateBestFeatureSplit: python import tensorflow as tf tf.rawops.BoostedTreesSparseCalculateBestFeatureSplit nodeidrange=0,10, statssummaryindices=1, 2,...

CVSS 7.3 · AI score 6.3 · EPSS 0.00038
Exploits: 0 · References: 7
NVD
added 2021/08/24 4:15 p.m. · 13 views

CVE-2021-39137

go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...

CVSS 7.5 · EPSS 0.00289
Exploits: 0 · References: 2
OSV
added 2021/08/24 4:15 p.m. · 15 views

CVE-2021-39137

go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...

CVSS 7.5 · AI score 6.6
Exploits: 0 · References: 2
Prion
added 2021/08/24 4:15 p.m. · 12 views

Design/Logic Flaw

go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...

CVSS 5 · AI score 7.4 · EPSS 0.00289
Exploits: 0 · References: 2 · Affected Software: 1