19 matches found
EUVD-2025-37646
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2023-37646
creationtimestamp| type| source ---|---|--- 2023-08-08 20:14:12+00:00| seen| https://t.me/cibsecurity/68002...
CVE-2023-37646
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal...
CVE-2023-37646
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal...
CVE-2023-37646
CVE-2023-37646 concerns Bitberry File Opener v23.0, where the CAB file extraction function is vulnerable to a directory traversal. The issue arises in the CAB extraction component and is described as allowing local attackers to achieve path traversal with high impact (confidentiality/integrity/av...
CVE-2023-37646
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal...
CVE-2023-37646
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +95 more potentially affected by CVE-2021-37646 via tensorflow-cpu (>=1.15.0 <=2.3.1)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2021-37646 Source advisory: OSV:GHSA-H6JH-7GV5-28VG...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37646 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37646 Source advisory: OSV:GHSA-H6JH-7GV5-28VG...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4729 more potentially affected by CVE-2021-37646 via tensorflow (>=1.0.1 <=2.3.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37646 Source advisory: OSV:GHSA-H6JH-7GV5-28VG...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37646 via tensorflow-gpu (>=2.4.0 <=2.4.2)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37646 Source advisory: OSV:GHSA-H6JH-7GV5-28VG...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +54 more potentially affected by CVE-2021-37646 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.1.0.dev2, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 and more Source cves:...
CVE-2021-37646
creationtimestamp| type| source ---|---|--- 2021-08-13 00:40:23+00:00| published-proof-of-concept| https://t.me/cibsecurity/27280...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +94 more potentially affected by CVE-2021-37646 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37646 Source advisory: OSV:PYSEC-2021-268...
accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +109 more potentially affected by CVE-2021-37646 via tensorflow (>=2.3.0 <=2.3.2)
tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-37646 Source advisory: OSV:PYSEC-2021-268...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37646 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37646 Source advisory: OSV:PYSEC-2021-559...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37646 via tensorflow-gpu (>=2.4.0 <=2.4.2)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37646 Source advisory: OSV:PYSEC-2021-757...
CVE-2021-37646
CVE-2021-37646 affects TensorFlow: the StringNGrams implementation can overflow when converting a negative, signed ngram_width to an unsigned size during a reserve call, enabling a potential denial-of-service condition. The root cause is a signed-to-unsigned conversion in TF’s string buffer alloc...
CVE-2021-37646 Bad alloc in `StringNGrams` caused by integer conversion in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...