The function removeDelegation doesn't work

Lines of code Vulnerability details When a delegation is created with the function delegate, the ID of its NFT tokenId is added in the array checkpointstoTokenIdnCheckpoints - 1; where toTokenId is the ID of NFT the user delegates its NFT to. When an user removes the delegation of his NFT with th...

Users can cause other users' delegations to be undone

Lines of code Vulnerability details Impact Users can be blocked by other users, from being able to delegate Proof of Concept The writeCheckpoint function looks up the existing checkpoint and attempts to update its delegation array if one exists line 104: File:...

THE FIRST AMM STAKER MAY NOT RECEIVE ACCORDING REWARDS BECAUSE OF POOR CHECKPOINTS

Lines of code Vulnerability details Impact The first staker within the AmmGauge may not get the rewards if the pool is not checkpointed right after he stakes and before he wants to claim the rewards. Proof of Concept A testing environment that reproduces how the protocol is going to be deployed a...

CVE-2021-41203

TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...

PYSEC-2021-811

TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...

CVE-2021-41203 Missing validation during checkpoint loading

TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...

CVE-2021-41203

TensorFlow vulnerability CVE-2021-41203 (checkpoint loading) is due to missing validation for invalid checkpoint file formats. This allows a local attacker to trigger undefined behavior, integer overflows, segfaults, and CHECK-fail crashes by altering saved checkpoints from outside TensorFlow. Af...

CVE-2020-5215

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

CVE-2020-5215

CVE-2020-5215 affects TensorFlow before 1.15.2 and 2.0.1, where converting a Python string to tf.float16 in eager mode can trigger a segmentation fault. The issue arises because format checks for this use case exist only in graph mode, potentially enabling denial of service during inference/train...

CVE-2020-5215 Segmentation faultin TensorFlow when converting a Python string to tf.float16

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

GHSA-MW6V-CRH8-8533 Integer Overflow or Wraparound in Google TensorFlow

Issue Description Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent. The block size in meta file might contain a large int64 value which causes an integer overflow upon addition. Subsequent code using n as index may...

Backing Up Hyper-V Guest Cluster Based on VHD Set

Challenge VHD Set is a new shared Virtual Disk model for guest clusters in Windows Server 2016 and later. VHD Set files can be included in application-consistent checkpoints and backed up, but there are some limitations. Cause Please make sure the following requirements are met: Each guest VM...