643 matches found
BIT-TENSORFLOW-2021-29527 Division by 0 in `QuantizedConv2D`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.QuantizedConv2D. This is because the...
BIT-TENSORFLOW-2021-29536 Heap buffer overflow in `QuantizedReshape`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...
BIT-TENSORFLOW-2021-29551 OOB read in `MatrixTriangularSolve`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixTriangularSolvehttps://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrixtriangularsolveopimpl.hL160-L240 fails to terminate kernel...
BIT-TENSORFLOW-2021-29554 Division by 0 in `DenseCountSparseOutput`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.DenseCountSparseOutput. This is because the...
BIT-TENSORFLOW-2021-29557 Division by 0 in `SparseMatMul`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...
BIT-TENSORFLOW-2021-29566 Heap OOB access in `Dilation2DBackpropInput`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.rawops.Dilation2DBackpropInput. This is because the...
BIT-TENSORFLOW-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...
BIT-TENSORFLOW-2021-29570 Heap out of bounds read in `MaxPoolGradWithArgmax`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...
BIT-TENSORFLOW-2021-29571 Memory corruption in `DrawBoundingBoxesV2`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...
BIT-TENSORFLOW-2021-29572 Reference binding to nullptr in `SdcaOptimizer`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer. The...
BIT-TENSORFLOW-2021-29574 Undefined behavior in `MaxPool3DGradGrad`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The...
BIT-TENSORFLOW-2021-29596 Division by zero in TFLite's implementation of `EmbeddingLookup`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the EmbeddingLookup TFLite operator is vulnerable to a division by zero...
BIT-TENSORFLOW-2021-29597 Division by zero in TFLite's implementation of `SpaceToBatchNd`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
BIT-TENSORFLOW-2021-29603 Heap OOB write in TFLite
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of...
BIT-TENSORFLOW-2021-29604 Division by zero in TFLite's implementation of hashtable lookup
TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/hashtablelookup.ccL114-L115 ...
BIT-TENSORFLOW-2021-29611 Incomplete validation in `SparseReshape`
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...
BIT-TENSORFLOW-2021-29615 Stack overflow in `ParseAttrValue` with nested tensors
TensorFlow is an end-to-end open source platform for machine learning. The implementation of ParseAttrValuehttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/framework/attrvalueutil.ccL397-L453 can be tricked into stack overflow due to recursion...
BIT-TENSORFLOW-2021-29619 Segfault in `tf.raw_ops.SparseCountSparseOutput`
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...
BIT-MAGENTO-2021-28585 Magento Commerce improper input validation in customer customer webapi
Magento versions 2.4.2 and earlier, 2.4.1 and earlier and 2.3.6 and earlier are affected by an Improper input validation vulnerability in the New customer WebAPI.Successful exploitation could allow an attacker to send unsolicited spam e-mails...
CVE-2023-52208
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2...