Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-33654

    When performing the initialization operation of the Split operator, if a dimension in the input shape is 0, it will cause a division by 0 exception.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33653

    When performing the derivation shape operation of the SpaceToBatch operator, if there is a value of 0 in the parameter block_shape element, it will cause a division by 0 exception.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33652

    When the Reduce operator run operation is executed, if there is a value of 0 in the parameter axis_sizes element, it will cause a division by 0 exception.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33651

    When performing the analytical operation of the DepthwiseConv2D operator, if the attribute depth_multiplier is 0, it will cause a division by 0 exception.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33650

    When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33649

    When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the input_shape, it will access data outside of bounds of input_shape which allocated from heap buffers.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33648

    When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33647

    When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers.... Read more

    Affected Products : mindspore
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-33638

    When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container. ... Read more

    Affected Products : isula
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-33637

    When the isula export command is used to export a container to an image and the container is controlled by an attacker, the attacker can escape the container. ... Read more

    Affected Products : isula
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-33636

    When the isula load command is used to load malicious images, attackers can execute arbitrary code. ... Read more

    Affected Products : isula
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33635

    When malicious images are pulled by isula pull, attackers can execute arbitrary code.... Read more

    Affected Products : isula
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-33634

    iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS. ... Read more

    Affected Products : icr
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-33633

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in openEuler aops-ceres on Linux allows Command Injection. This vulnerability is associated with program files ceres/function/util.Py. This issue aff... Read more

    Affected Products :
    • Published: Mar. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2021-33632

    Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/b... Read more

    Affected Products :
    • Published: Mar. 25, 2024
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33629

    isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data.... Read more

    Affected Products : isula-build
    • Published: Jul. 26, 2021
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2021-33627

    An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate... Read more

    • Published: Feb. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-33626

    A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM m... Read more

    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33625

    An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of ... Read more

    • Published: Feb. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2021-33624

    In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Jun. 23, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results