|
208211
|
4.4 |
MEDIUM
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i…
|
NVD-CWE-Other
|
CVE-2020-26268
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208212
|
8.8 |
HIGH
Network
|
fastadmin
|
fastadmin
|
The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.
|
CWE-74
Injection
|
CVE-2020-25967
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208213
|
3.3 |
LOW
Local
|
google
|
tensorflow
|
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge …
|
CWE-125
CWE-908
Out-of-bounds Read
Use of Uninitialized Resource
|
CVE-2020-26271
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208214
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a m…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26407
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208215
|
6.5 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed e…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26257
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208216
|
7.9 |
HIGH
Local
|
jupyterhub
|
systemdspawner
|
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are sp…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-26261
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208217
|
6.4 |
MEDIUM
Network
|
bookstackapp
|
bookstack
|
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URL's to manipulat…
|
CWE-74
Injection
|
CVE-2020-26260
|
2024-11-21 14:19 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208218
|
8.7 |
HIGH
Network
|
cogboard
|
red-dashboard
|
Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot. In Red Discord Bot before version 0.1.7a an RCE exploit has been discovered. This exploit allows Discord …
|
CWE-79
Cross-site Scripting
|
CVE-2020-26249
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208219
|
4.8 |
MEDIUM
Network
|
apereo
|
opencast
|
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when usin…
|
CWE-346
Origin Validation Error
|
CVE-2020-26234
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208220
|
6.5 |
MEDIUM
Network
|
c2fo
|
fast-csv
|
Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. In fast-cvs before version 4.3.6 there is a possible ReDoS vulnerability (Regular Expression Deni…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26256
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
