Export limit exceeded: 352303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 352303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44256 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44256 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21729 | 1 Google | 1 Tensorflow | 2025-05-05 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21728 | 1 Google | 1 Tensorflow | 2025-05-05 | 8.1 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21727 | 1 Google | 1 Tensorflow | 2025-05-05 | 7.6 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes `axis + 1`, an attacker can trigger an integer overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21726 | 1 Google | 1 Tensorflow | 2025-05-05 | 8.1 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21240 | 1 Intel | 6 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6e Ax211 and 3 more | 2025-05-05 | 4.4 Medium |
| Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21237 | 1 Intel | 118 Lapbc510, Lapbc510 Firmware, Lapbc710 and 115 more | 2025-05-05 | 6.7 Medium |
| Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21226 | 1 Intel | 1 Trace Analyzer And Collector | 2025-05-05 | 5.5 Medium |
| Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21160 | 1 Intel | 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more | 2025-05-05 | 7.5 High |
| Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2022-21133 | 1 Intel | 1 Trace Analyzer And Collector | 2025-05-05 | 5.5 Medium |
| Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2021-46143 | 5 Libexpat Project, Netapp, Redhat and 2 more | 10 Libexpat, Active Iq Unified Manager, Clustered Data Ontap and 7 more | 2025-05-05 | 8.1 High |
| In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | ||||
| CVE-2021-45960 | 6 Debian, Libexpat Project, Netapp and 3 more | 10 Debian Linux, Libexpat, Active Iq Unified Manager and 7 more | 2025-05-05 | 8.8 High |
| In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | ||||
| CVE-2021-38111 | 1 Defcon | 2 Def Con 27, Def Con 27 Firmware | 2025-05-05 | 8.8 High |
| The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol. | ||||
| CVE-2021-33847 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 7.8 High |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33130 | 1 Intel | 2 Realsense Id F450, Realsense Id F450 Firmware | 2025-05-05 | 4.6 Medium |
| Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2021-33120 | 1 Intel | 50 Atom P5921b, Atom P5921b Firmware, Atom P5931b and 47 more | 2025-05-05 | 5.4 Medium |
| Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. | ||||
| CVE-2021-33105 | 1 Intel | 4 Core I5-8305g, Core I5-8305g Firmware, Core I7-8706g and 1 more | 2025-05-05 | 5.5 Medium |
| Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2021-31239 | 1 Sqlite | 1 Sqlite | 2025-05-05 | 7.5 High |
| An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function. | ||||
| CVE-2021-26950 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 5.5 Medium |
| Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2021-26257 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 5.5 Medium |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2021-26254 | 1 Intel | 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more | 2025-05-05 | 5.5 Medium |
| Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. | ||||