10 matches found
PYSEC-2026-975 TensorFlow vulnerable to `CHECK` fail in `LRNGrad`
Impact If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf depthradius = 1 bias = 1.59018219 alpha = 0.117728651 beta = 0.404427052 inputgrads = tf.random.uniformshape=4,...
FlashVault: Versatile In-NAND Self-Encryption with Zero Area Overhead
We present FlashVault, an in-NAND self-encryption architecture that embeds a reconfigurable cryptographic engine into the unused silicon area of a state-of-the-art 4D V-NAND structure. FlashVault supports not only block ciphers for data encryption but also public-key and post-quantum algorithms f...
The vulnerability of the SCADA system MasterSCADA 4D, related to insufficient restrictions on authentication attempts, allows a perpetrator to carry out an attack using brute-force methods.
The vulnerability of the SCADA system MasterSCADA 4D is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to carry out an attack using brute-force methods...
Maxon Cinema 4D 安全漏洞
Maxon Cinema 4D is a 3D drawing software from Maxon, a German company. A security vulnerability exists in Maxon Cinema 4D that originates from a post-release reuse vulnerability in the analysis of SKP files. An attacker can exploit the vulnerability to execute remote code...
SUSE CVE-2022-35969
TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
SUSE CVE-2022-35985
TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...
PT-2022-23068
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description The implementation of Conv2DBackpropInput requires input sizes to be 4-dimensiona...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from the fact that if LRNGrad is given an outputimage input tensor that is not 4-D, it will cause an...
PT-2022-23083
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description The issue arises when the LRNGrad function is given an output image input tensor...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google. Google TensorFlow has a security vulnerability that stems from the fact that the implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives an assertion failu...