Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-15210
In tensorflow-lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d5...
Google Tensorflow
Opensuse Leap 15.2
4.8
CVSSv3
CVE-2020-15211
In TensorFlow Lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format u...
Google Tensorflow
Opensuse Leap 15.2
6.1
CVSSv3
CVE-2019-11556
Pagure prior to 5.6 allows XSS via the templates/blame.html blame view.
Redhat Pagure
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5.5
CVSSv3
CVE-2020-26088
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel prior to 5.8.2 could be used by local malicious users to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-25596
An issue exists in Xen up to and including 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly deli...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.2
7
CVSSv3
CVE-2020-25599
An issue exists in Xen up to and including 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal assumptions. This may lead t...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2020-25600
An issue exists in Xen up to and including 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bit or Arm (either bitness) ...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
Debian Debian Linux 10.0
1 Github repository
5.5
CVSSv3
CVE-2020-25601
An issue exists in Xen up to and including 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these (when resetting all eve...
Xen Xen
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
6
CVSSv3
CVE-2020-25602
An issue exists in Xen up to and including 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the basis for auditing the guest...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-25603
An issue exists in Xen up to and including 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate mem...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »