Lucene search

568 matches found

OSV
added 2021/10/05 9:15 p.m., 4 views

CVE-2021-3581

Buffer Access with Incorrect Length Value in zephyr. Zephyr versions = =2.5.0 contain Buffer Access with Incorrect Length Value CWE-805. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q65-5gqf-fmw5...

CVSS 8.8, AI score 5.5, EPSS 0.00337
Exploits 0, References 1
CNNVD
added 2021/09/02 12:0 a.m., 5 views

Schneider Electric GP-Pro EX Code Issue Vulnerability

Schneider Electric GP-Pro EX is a suite of HMI interface editing and logic programming software from Schneider Electric France. A code issue vulnerability exists in Schneider Electric GP-Pro EX, which arises from the product's failure to properly filter special elements in the search path. The...

CVSS 7.8, AI score 7.6, EPSS 0.00328
Exploits 0, References 1
vulnersOsv
added 2021/08/25 2:43 p.m., 11 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37641 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...

CVSS 7.3, AI score 6.3, EPSS 0.00167
Exploits 0
vulnersOsv
added 2021/08/25 2:43 p.m., 4 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37642 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...

CVSS 5.5, AI score 5.8, EPSS 0.00154
Exploits 0
vulnersOsv
added 2021/08/25 2:42 p.m., 4 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37669 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...

CVSS 5.5, AI score 5.8, EPSS 0.00175
Exploits 0
OSV
added 2021/08/12 11:15 p.m., 3 views

PYSEC-2021-305

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error. There is no check that the divisor tensor does not contain zero elements. We have patched the issue in GitHub commit...

CVSS 5.5, AI score 5.9, EPSS 0.00154
Exploits 0, References 2
PyPA
added 2021/08/12 10:15 p.m., 4 views

PYSEC-2021-589

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

CVSS 7.8, AI score 6.9, EPSS 0.00173
Exploits 0, References 2, Affected Software 1
OSV
added 2021/08/12 7:15 p.m., 2 views

PYSEC-2021-260

TensorFlow is an end-to-end open source platform for machine learning. Sending an invalid argument for row_partition_types of the tf.raw_ops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior. The implementation accesses the first element of a user supplied list of values...

CVSS 7.8, AI score 6.5, EPSS 0.00167
Exploits 0, References 2
OSV
added 2021/08/12 6:15 p.m., 3 views

PYSEC-2021-282

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation has a logic error: it should skip processing i...

CVSS 5.5, AI score 6, EPSS 0.00154
Exploits 0, References 2
CNNVD
added 2021/08/03 12:0 a.m., 4 views

Fortinet FortiPortal Code Issue Vulnerability

Fortinet FortiPortal is a hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal is vulnerable in versions 6.0.0 to 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2...

CVSS 8.1, AI score 5.6, EPSS 0.00734
Exploits 0, References 4
OSV
added 2021/08/02 11:15 a.m., 3 views

CVE-2021-37165

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead t...

CVSS 9.8, AI score 7.8, EPSS 0.03264
Exploits 0, References 4
Microsoft CVE
added 2021/07/30 7:0 a.m., 3 views

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping allowing a remote attacker to conduct XSS attacks as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.

...

CVSS 6.1, AI score 7, EPSS 0.06333
Exploits 2
OSV
added 2021/07/21 3:16 p.m., 4 views

CVE-2021-2445

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.5.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion...

CVSS 5.7, AI score 5.8, EPSS 0.00831
Exploits 0, References 1
OSV
added 2021/07/21 3:15 p.m., 1 view

DEBIAN-CVE-2021-2372

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.4, AI score 6, EPSS 0.02956
Exploits 0, References 1
CNNVD
added 2021/07/20 12:0 a.m., 2 views

Oracle MySQL Server Input Validation Error Vulnerability

A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.25 and earlier versions. An attacker can exploit this vulnerability to cause MySQL Server to hang or to crash frequently and repeatably, resulting in a complete denial of service...

CVSS 4.9, AI score 7.2, EPSS 0.0171
Exploits 0, References 12
OSV
added 2021/05/21 2:28 p.m., 2 views

GHSA-4HVV-7X94-7VQ8 Null dereference in Grappler's `TrySimplify`

Impact: The implementation of TrySimplify has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs. Patches: We have patched the issue in GitHub commit e6340f0665d53716ef3197ada88936c2a5f7a2d3. The fix will be included in TensorFlow...

CVSS 2.5, AI score 5.9, EPSS 0.00206
Exploits 1, References 7
OSV
added 2021/05/21 2:20 p.m., 3 views

GHSA-84MW-34W6-2Q43 Null pointer dereference via invalid Ragged Tensors

Impact: Calling tf.raw_ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float32 filtertensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float3...

CVSS 2.5, AI score 6, EPSS 0.00198
Exploits 1, References 6
PyPA
added 2021/05/14 8:15 p.m., 4 views

PYSEC-2021-522

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution code (https://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc) has multiple divisions where the divisor is controlled by the user and not checked ...

CVSS 7.8, AI score 7, EPSS 0.00201
Exploits 1, References 2, Affected Software 1
PyPA
added 2021/05/14 8:15 p.m., 3 views

PYSEC-2021-682

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.raw_ops.Reverse. This is because the...

CVSS 5.5, AI score 6.8, EPSS 0.00189
Exploits 1, References 2, Affected Software 1
PyPA
added 2021/05/14 8:15 p.m., 4 views

PYSEC-2021-518

TensorFlow is an end-to-end open source platform for machine learning. The implementations of the Minimum and Maximum TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting...

CVSS 7.1, AI score 6.9, EPSS 0.00198
Exploits 1, References 2, Affected Software 1