CWE:
 

Topic
Date
Author
Low
Wirecard Checkout Page 1.0 Price Manipulation
17.11.2015
Martin Sturm


CVEMAP Search Results

CVE
Details
Description
2021-11-05
Medium
CVE-2021-41206

Vendor: Google
Software: Tensorflow
 

 
TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. We have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don't have reproducers and there will be multiple fixes for these issues. These fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

 
2021-08-02
Medium
CVE-2021-22442

Vendor: Huawei
Software: Magic ui
 

 
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

 
2021-06-25
Medium
CVE-2020-4610

Vendor: IBM
Software: Security ver...
 

 
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919.

 
2021-06-11
Low
CVE-2021-25388

Vendor: Google
Software: Android
 

 
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.

 
2021-05-11
Low
CVE-2020-26141

Updating...
 

 
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.

 
Medium
CVE-2021-31913

Vendor: Jetbrains
Software: Teamcity
 

 
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.

 
2021-02-06
Medium
CVE-2020-9118

Updating...
 

 
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Affected product versions include:AIS-BW80H-00 versions 9.0.3.1(H100SP13C00),9.0.3.1(H100SP18C00),9.0.3.1(H100SP3C00),9.0.3.1(H100SP9C00),9.0.3.2(H100SP1C00),9.0.3.2(H100SP2C00),9.0.3.2(H100SP5C00),9.0.3.2(H100SP8C00),9.0.3.3(H100SP1C00).

 
2021-01-28
Low
CVE-2021-20184

Vendor: Moodle
Software: Moodle
 

 
It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.

 
2020-12-15
High
CVE-2020-25758

Updating...
 

 
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root.

 
2020-12-14
Medium
CVE-2020-5637

Updating...
 

 
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top