Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-10 | CVE-2020-26270 | Improper Input Validation vulnerability in Google Tensorflow In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. | 3.3 |
| 2020-12-10 | CVE-2020-26271 | Use of Uninitialized Resource vulnerability in Google Tensorflow In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. | 3.3 |
| 2020-12-10 | CVE-2020-8920 | Unspecified vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts. low complexity google | 3.5 |
| 2020-12-10 | CVE-2020-8919 | Incorrect Authorization vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access. | 3.5 |
| 2020-12-10 | CVE-2020-29668 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun. | 3.7 |
| 2020-12-10 | CVE-2020-27351 | Missing Release of Resource after Effective Lifetime vulnerability in Debian Advanced Package Tool Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. | 2.8 |
| 2020-12-09 | CVE-2020-16128 | Information Exposure Through an Error Message vulnerability in Canonical Ubuntu Linux The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. | 3.8 |
| 2020-12-08 | CVE-2020-27758 | A flaw was found in ImageMagick in coders/txt.c. | 3.3 |
| 2020-12-08 | CVE-2020-27757 | A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. | 3.3 |
| 2020-12-08 | CVE-2020-27755 | Unspecified vulnerability in Imagemagick in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. | 3.3 |