|
210791
|
9.8 |
CRITICAL
Network
|
re-desk
|
re\
|
Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. By modifying the folder GET parameter, it is possib…
|
CWE-89
SQL Injection
|
CVE-2020-15487
|
2024-11-21 14:05 |
2020-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210792
|
6.5 |
MEDIUM
Network
|
goxmldsig_project
fedoraproject
|
goxmldsig
fedora
|
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered fi…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-15216
|
2024-11-21 14:05 |
2020-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210793
|
6.5 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15210
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210794
|
7.5 |
HIGH
Network
|
google
opensuse
|
tensorflow
leap
|
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2020-15203
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210795
|
8.8 |
HIGH
Network
|
google
opensuse
|
tensorflow
leap
|
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15195
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210796
|
8.1 |
HIGH
Network
|
google
|
tensorflow
|
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids a…
|
-
|
CVE-2020-15214
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210797
|
4.0 |
MEDIUM
Network
|
google
|
tensorflow
|
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code us…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-15213
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210798
|
8.6 |
HIGH
Network
|
google
|
tensorflow
|
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. U…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15212
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210799
|
4.8 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set o…
|
-
|
CVE-2020-15211
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210800
|
5.9 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by chang…
|
-
|
CVE-2020-15209
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
