VYPR

CVEs

101,963 total · page 1291 of 2,040

  • CVE-2021-37654HigAug 12, 2021
    risk 0.40cvss 7.3epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a `CHECK`-fail in debug builds of TensorFlow using `tf.raw_ops.ResourceGather` or a read from outside the bounds of heap allocated data in the same API…

  • CVE-2021-37651HigAug 12, 2021
    risk 0.39cvss 7.1epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.FractionalAvgPoolGrad` can be tricked into accessing data outside of bounds of heap allocated buffers. The [implementation](https://github.com/tensorflow…

  • CVE-2021-37650HigAug 12, 2021
    risk 0.44cvss 7.8epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The…

  • CVE-2021-37641HigAug 12, 2021
    risk 0.40cvss 7.3epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to `tf.raw_ops.RaggedGather` don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The…

  • CVE-2021-37635HigAug 12, 2021
    risk 0.40cvss 7.3epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow…

  • CVE-2021-33056HigAug 12, 2021
    risk 0.00cvss 7.5epss 0.01

    Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message.

  • CVE-2021-37649HigAug 12, 2021
    risk 0.43cvss 7.7epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The code for `tf.raw_ops.UncompressElement` can be made to trigger a null pointer dereference. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensor…

  • CVE-2021-37647HigAug 12, 2021
    risk 0.43cvss 7.7epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, `tf.raw_ops.SparseTensorSliceDataset` implementation can be made to dereference a null pointer. The…

  • CVE-2021-37643HigAug 12, 2021
    risk 0.43cvss 7.7epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to `tf.raw_ops.MatrixDiagPartOp`, then the code triggers a null pointer dereference (if input is empty) or produces invalid behavior, ignoring all values after…

  • CVE-2021-37639HigAug 12, 2021
    risk 0.48cvss 8.4epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap…

  • CVE-2021-37638HigAug 12, 2021
    risk 0.43cvss 7.7epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior. The [implementation](https://github.com/tensorflow/tens…

  • CVE-2021-37637HigAug 12, 2021
    risk 0.43cvss 7.7epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69…

  • CVE-2020-18462HigAug 12, 2021
    risk 0.47cvss 7.2epss 0.01

    File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because the background file management office does not verify the uploaded file.

  • CVE-2020-18460HigAug 12, 2021
    risk 0.57cvss 8.8epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0.7 that can add an admin account via admin.php?c=Admin&m=content.

  • CVE-2020-18458HigAug 12, 2021
    risk 0.52cvss 8.0epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd.

  • CVE-2021-36982HigAug 12, 2021
    risk 0.53cvss 8.1epss 0.02

    AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request.

  • CVE-2021-36958HigAug 12, 2021
    risk 0.53cvss 7.8epss 0.32

    A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install…

  • CVE-2021-36949HigAug 12, 2021
    risk 0.46cvss 7.1epss 0.01

    Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability

  • CVE-2021-36948HigKEVAug 12, 2021
    risk 0.64cvss 7.8epss 0.20

    Windows Update Medic Service Elevation of Privilege Vulnerability

  • CVE-2021-36947HigAug 12, 2021
    risk 0.58cvss 8.8epss 0.07

    Windows Print Spooler Remote Code Execution Vulnerability

  • CVE-2021-36945HigAug 12, 2021
    risk 0.48cvss 7.3epss 0.02

    Windows 10 Update Assistant Elevation of Privilege Vulnerability

  • CVE-2021-36942HigKEVAug 12, 2021
    risk 0.75cvss 7.5epss 0.66

    Windows LSA Spoofing Vulnerability

  • CVE-2021-36941HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.02

    Microsoft Word Remote Code Execution Vulnerability

  • CVE-2021-36940HigAug 12, 2021
    risk 0.50cvss 7.6epss 0.04

    Microsoft SharePoint Server Spoofing Vulnerability

  • CVE-2021-36937HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.02

    Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability

  • CVE-2021-36936HigAug 12, 2021
    risk 0.58cvss 8.8epss 0.07

    Windows Print Spooler Remote Code Execution Vulnerability

  • CVE-2021-36933HigAug 12, 2021
    risk 0.49cvss 7.5epss 0.03

    Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

  • CVE-2021-36932HigAug 12, 2021
    risk 0.49cvss 7.5epss 0.03

    Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

  • CVE-2021-36927HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.00

    Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability

  • CVE-2021-36926HigAug 12, 2021
    risk 0.49cvss 7.5epss 0.03

    Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

  • CVE-2021-36921HigAug 12, 2021
    risk 0.57cvss 8.8epss 0.01

    AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.

  • CVE-2021-34537HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.00

    Windows Bluetooth Driver Elevation of Privilege Vulnerability

  • CVE-2021-34536HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.01

    Storage Spaces Controller Elevation of Privilege Vulnerability

  • CVE-2021-34535HigAug 12, 2021
    risk 0.59cvss 8.8epss 0.18

    Remote Desktop Client Remote Code Execution Vulnerability

  • CVE-2021-34533HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.02

    Windows Graphics Component Font Parsing Remote Code Execution Vulnerability

  • CVE-2021-34530HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.02

    Windows Graphics Component Remote Code Execution Vulnerability

  • CVE-2021-34524HigAug 12, 2021
    risk 0.53cvss 8.1epss 0.03

    Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

  • CVE-2021-34487HigAug 12, 2021
    risk 0.46cvss 7.0epss 0.01

    Windows Event Tracing Elevation of Privilege Vulnerability

  • CVE-2021-34486HigKEVAug 12, 2021
    risk 0.63cvss 7.8epss 0.07

    Windows Event Tracing Elevation of Privilege Vulnerability

  • CVE-2021-34484HigKEVAug 12, 2021
    risk 0.64cvss 7.8epss 0.14

    Windows User Profile Service Elevation of Privilege Vulnerability

  • CVE-2021-34483HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.01

    Windows Print Spooler Elevation of Privilege Vulnerability

  • CVE-2021-34478HigAug 12, 2021
    risk 0.55cvss 7.8epss 0.54

    Microsoft Office Remote Code Execution Vulnerability

  • CVE-2021-34471HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.00

    Microsoft Windows Defender Elevation of Privilege Vulnerability

  • CVE-2021-33762HigAug 12, 2021
    risk 0.46cvss 7.0epss 0.00

    Azure CycleCloud Elevation of Privilege Vulnerability

  • CVE-2021-26433HigAug 12, 2021
    risk 0.49cvss 7.5epss 0.03

    Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

  • CVE-2021-26431HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.01

    Windows Recovery Environment Agent Elevation of Privilege Vulnerability

  • CVE-2021-26429HigAug 12, 2021
    risk 0.50cvss 7.7epss 0.00

    Azure Sphere Elevation of Privilege Vulnerability

  • CVE-2021-26426HigAug 12, 2021
    risk 0.46cvss 7.0epss 0.01

    Windows User Account Profile Picture Elevation of Privilege Vulnerability

  • CVE-2021-26425HigAug 12, 2021
    risk 0.51cvss 7.8epss 0.01

    Windows Event Tracing Elevation of Privilege Vulnerability

  • CVE-2021-26423HigAug 12, 2021
    risk 0.49cvss 7.5epss 0.04

    .NET Core and Visual Studio Denial of Service Vulnerability