Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-19334
Google Monorail prior to 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug report...
Google Monorail
4.3
CVSSv3
CVE-2024-23900
Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and previous versions does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with...
Jenkins Matrix Project
NA
CVE-2004-0334
InnoMedia VideoPhone allows remote malicious users to bypass Basic Authorization via an HTTP request to (1) videophone_admindetail.asp, (2) videophone_syscfg.asp, (3) videophone_upgrade.asp, or (4) videophone_sysctrl.asp that contains a trailing / (slash). NOTE: the original repo...
Innomedia Innomedia Videophone Au75200xvi04010x
NA
CVE-2013-5397
Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allows remote malicious users...
Ibm Rational Focal Point 6.5.2.3
Ibm Rational Focal Point 6.6
Ibm Rational Focal Point 6.4
Ibm Rational Focal Point 6.4.1.3
Ibm Rational Focal Point 6.6.0.1
Ibm Rational Focal Point 6.6.1
Ibm Rational Focal Point 6.5.1
Ibm Rational Focal Point 6.5.2
NA
CVE-2013-5398
Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allows remote malicious users...
Ibm Rational Focal Point 6.5.2
Ibm Rational Focal Point 6.5.2.3
Ibm Rational Focal Point 6.6
Ibm Rational Focal Point 6.4
Ibm Rational Focal Point 6.6.0.1
Ibm Rational Focal Point 6.6.1
Ibm Rational Focal Point 6.4.1.3
Ibm Rational Focal Point 6.5.1
6.5
CVSSv3
CVE-2022-21731
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusion. The `axis` argument is translated into `concat_dim` in the `ConcatShapeHelper...
Google Tensorflow
Google Tensorflow 2.7.0
7.1
CVSSv3
CVE-2021-29553
TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7...
NA
CVE-2012-5783
Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which all...
Apache Httpclient 3.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
1 Github repository
7.8
CVSSv3
CVE-2021-29610
TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument:. The validation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorfl...
Google Tensorflow
7.5
CVSSv3
CVE-2020-15265
In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to vali...
Google Tensorflow
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »