|
209971
|
3.3 |
LOW
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q…
|
CWE-20
Improper Input Validation
|
CVE-2020-26270
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209972
|
7.5 |
HIGH
Network
|
google
|
tensorflow
|
In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26269
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209973
|
7.8 |
HIGH
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26267
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209974
|
5.3 |
MEDIUM
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default …
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-26266
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209975
|
9.8 |
CRITICAL
Network
|
askey
|
ap5100w_firmware
|
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to t…
|
CWE-521
Weak Password Requirements
|
CVE-2020-26201
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209976
|
4.4 |
MEDIUM
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i…
|
NVD-CWE-Other
|
CVE-2020-26268
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209977
|
8.8 |
HIGH
Network
|
fastadmin
|
fastadmin
|
The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.
|
CWE-74
Injection
|
CVE-2020-25967
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209978
|
3.3 |
LOW
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge …
|
CWE-125
CWE-908
Out-of-bounds Read
Use of Uninitialized Resource
|
CVE-2020-26271
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209979
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a m…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26407
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209980
|
6.5 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed e…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26257
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
