vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is not a specific exploit or tool, but rather a collection of vulnerable environments for testing and learning purposes. The repository contains various vulnerable docker...

Google TensorFlow tf.raw_ops.FractionalMaxPoolGraddenial Denial of Service Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow tf.rawops.FractionalMaxPoolGraddenial. A local attacker can exploit this vulnerability to cause a denial of service...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-37608)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow. An attacker can exploit this vulnerability to cause a denial of service situation...

A Look Into Remote Onboarding at Rapid7

Picture this; you accept a new role and walk in on your first day with jitters. You swing the double doors open and are welcomed by the fresh scent of kombucha on tap and the buzz of office chatter. The front desk receptionist welcomes you with a warm “hello!” and a freshly brewed tea or coffee. ...

It’s Time to Prepare for a Rise in Insider Threats

Earlier this year, Tesla discovered that an employee had stolen more than 6,000 files containing sensitive code. The software engineer, who was only employed for two weeks, had been hired as one of the few people who could access these files. This incident highlights the danger that insider threa...

Google TensorFlow heap buffer overflow vulnerability (CNVD-2021-37646)

Google TensorFlow is an end-to-end open source machine learning platform. A heap buffer overflow vulnerability exists in tf.rawops.MaxPool3DGrad in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow LoadAndRemapMatrix Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in the implementation of tf.rawops.LoadAndRemapMatrix in Google TensorFlow. An attacker can exploit this vulnerability to cause a CHECK-failure denial of service...

Google TensorFlow heap out-of-bounds read vulnerability (CNVD-2021-37627)

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in Google TensorFlow. An attacker can exploit the vulnerability to read data outside the boundaries of the heap allocation buffer in "tf.raw\u ops.QuantizeAndDequantizeV3"...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-37624)

Google TensorFlow is an end-to-end open source machine learning platform. A divide-by-zero error vulnerability exists in the tf.rawops.QuantizedBatchNormWithGlobalNormalization implementation in Google TensorFlow. An attacker could exploit this vulnerability to cause a denial of service...

Google TensorFlow QuantizedBatchNormWithGlobalNormalization Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow QuantizedBatchNormWithGlobalNormalization. An attacker could exploit the vulnerability to cause a segmentation error, which could lead to a denial of service...

TensorFlow Denial of Service Vulnerability (CNVD-2021-36542)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in TensorFlow. An attacker can exploit this vulnerability by passing empty images to tf.rawops.DrawBoundingBoxes to cause a CHECK failure denial of service...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-36562)

Google TensorFlow is an end-to-end open source machine learning platform. A divide-by-zero error vulnerability exists in the tf.rawops.Conv3DBackprop implementation in TensorFlow versions prior to 2.5.0. No detailed vulnerability details are provided at this time...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-37645)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in tf.rawops.ReverseSequence in Google TensorFlow. A locally authenticated attacker can exploit this vulnerability to cause a denial of service condition...

Google TensorFlow heap buffer overflow vulnerability (CNVD-2021-37648)

Google TensorFlow is an end-to-end open source machine learning platform. A heap buffer overflow vulnerability exists in tf.rawops.FractionalAvgPoolGrad in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-37625)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in the tf.rawops.FractionalAvgPool implementation in Google TensorFlow. An attacker can exploit the vulnerability to cause a denial of service...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-37612)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow. A local, authenticated attacker could exploit this vulnerability to cause a denial of service condition...

Google TensorFlow heap out-of-bounds read vulnerability (CNVD-2021-37643)

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in tf.rawops.MaxPoolGradWithArgmax in Google TensorFlow. An attacker can exploit the vulnerability by constructing inputs to the "tf.raw\u ops.MaxPoolGradWithArgmax"...

Google TensorFlow Heap Read Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a heap read vulnerability. An attacker can exploit the vulnerability to trigger an OOB read from the heap...

Google TensorFlow Stack Overflow Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A stack overflow vulnerability exists in ParseAttrValue in Google TensorFlow. An attacker can exploit the vulnerability to cause a stack overflow...

Google TensorFlow Heap Out-of-Bounds Read Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in the SplitV implementation in Google TensorFlow. No detailed vulnerability details are provided at this time...