CVE-2021-41200

TensorFlow is an open source platform for machine learning. In affected versions if tf.summary.createfilewriter is called with non-scalar arguments code crashes due to a CHECK-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

CVE-2022-23564

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

CVE-2022-35991

TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2022-35992

TensorFlow is an open source platform for machine learning. When TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fi...

CVE-2023-25676

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...

CVE-2021-41206

TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or CHECK-fail related crashes...

CVE-2022-23594

Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow MLIR makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef i...

CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

CVE-2022-23584

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. ...

CVE-2022-35939

TensorFlow is an open source platform for machine learning. The ScatterNd function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have...

CVE-2022-35938

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been...

Unified Framework for Qualifying Security Boundary of PUFs against Machine Learning Attacks

Physical Unclonable Functions PUFs serve as lightweight, hardware-intrinsic entropy sources widely deployed in IoT security applications. However, delay-based PUFs are vulnerable to Machine Learning Attacks MLAs, undermining their assumed unclonability. There are no valid metrics for evaluating P...

How Cisco Talos powers the solutions protecting your organization

Cisco Talos is Cisco's threat intelligence and security research organization that powers Cisco's product portfolio with that intelligence. While we are well known for the security research in our blog, vulnerability discoveries, and our open-source software, you may not be aware of exactly how o...

Threat Detection in Social Media Networks Using Machine Learning Based Network Analysis

The accelerated development of social media websites has posed intricate security issues in cyberspace, where these sites have increasingly become victims of criminal activities including attempts to intrude into them, abnormal traffic patterns, and organized attacks. The conventional rule-based...

Integrating Multi-Agent Simulation, Behavioral Forensics, and Trust-Aware Machine Learning for Adaptive Insider Threat Detection

We present a hybrid framework for adaptive insider-threat detection that tightly integrates multi-agent simulation MAS, layered Security Information and Event Management SIEM correlation, behavioral and communication forensics, trust-aware machine learning, and Theory-of-Mind ToM reasoning...

AI-Powered Hybrid Intrusion Detection Framework for Cloud Security Using Novel Metaheuristic Optimization

Cybersecurity poses considerable problems to Cloud Computing CC, especially regarding Intrusion Detection Systems IDSs, facing difficulties with skewed datasets and suboptimal classification model performance. This study presents the Hybrid Intrusion Detection System HyIDS, an innovative IDS that...

PT-2026-1142

Name of the Vulnerable Software and Affected Versions Cloudflare affected versions not specified Description A buffer overflow exists in a simulated API. The issue is identified with a hypothetical identifier. The risk assessment is medium overall, and mitigation is suggested with patches. The...

Towards Eco Friendly Cybersecurity: Machine Learning Based Anomaly Detection with Carbon and Energy Metrics

The rising energy footprint of artificial intelligence has become a measurable component of US data center emissions, yet cybersecurity research seldom considers its environmental cost. This study introduces an eco aware anomaly detection framework that unifies machine learning based network...

Quantum Machine Learning Approaches for Coordinated Stealth Attack Detection in Distributed Generation Systems

Coordinated stealth attacks are a serious cybersecurity threat to distributed generation systems because they modify control and measurement signals while remaining close to normal behavior, making them difficult to detect using standard intrusion detection methods. This study investigates quantu...

cyber-attack-detection-main

🔥 Smart Firewall with Machine Learning WAF + ML Đồ án d...