29 matches found
CVE-2022-29193
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.TensorSummaryV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...
How we took part in MLSEC and (almost) won
This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition MLSEC — a series of trials testing contestants ability to create and attack machine learning models. The event is comprised of two main challenges — one for attackers, and the other for defenders. The...
Attack AI systems in Machine Learning Evasion Competition
Today, we are launching MLSEC.IO, an educational Machine Learning Security Evasion Competition MLSEC for the AI and security communities to exercise their muscle to attack critical AI systems in a realistic setting. Hosted and sponsored by Microsoft, alongside NVIDIA, CUJO AI, VM-Ray, and MRG...
vulhub1
This is an open-source collection of vulnerable systems and applications for educational purposes, maintained by phith0n. It provides a controlled environment for learning and practicing penetration testing, vulnerability assessment, and security research. The repository contains various vulnerab...
Google TensorFlow heap buffer overflow vulnerability (CNVD-2021-37648)
Google TensorFlow is an end-to-end open source machine learning platform. A heap buffer overflow vulnerability exists in tf.rawops.FractionalAvgPoolGrad in Google TensorFlow. No detailed vulnerability details are provided at this time...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments, not a single exploit or tool. The repository contains various vulnerable environments, including CouchDB, ffmpeg, git, and influxdb, among...
vulhub
This is a collection of vulnerable Docker environments, known as Vulhub. It's an open-source project that provides pre-built vulnerable environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a variety of vulnerable...
vulhub1
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments for testing and learning purposes, with no pre-existing knowledge of docker required. The repository contains a variety of vulnerable...
New Framework Released to Protect Machine Learning Systems From Adversarial Attacks
Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning ML systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to...