It’s Time to Prepare for a Rise in Insider Threats

Earlier this year, Tesla discovered that an employee had stolen more than 6,000 files containing sensitive code. The software engineer, who was only employed for two weeks, had been hired as one of the few people who could access these files. This incident highlights the danger that insider threa...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-37624)

Google TensorFlow is an end-to-end open source machine learning platform. A divide-by-zero error vulnerability exists in the tf.rawops.QuantizedBatchNormWithGlobalNormalization implementation in Google TensorFlow. An attacker could exploit this vulnerability to cause a denial of service...

Google TensorFlow QuantizedBatchNormWithGlobalNormalization Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow QuantizedBatchNormWithGlobalNormalization. An attacker could exploit the vulnerability to cause a segmentation error, which could lead to a denial of service...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-37625)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in the tf.rawops.FractionalAvgPool implementation in Google TensorFlow. An attacker can exploit the vulnerability to cause a denial of service...

Google TensorFlow heap buffer overflow vulnerability (CNVD-2021-37646)

Google TensorFlow is an end-to-end open source machine learning platform. A heap buffer overflow vulnerability exists in tf.rawops.MaxPool3DGrad in Google TensorFlow. No detailed vulnerability details are provided at this time...

TensorFlow Denial of Service Vulnerability (CNVD-2021-36542)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in TensorFlow. An attacker can exploit this vulnerability by passing empty images to tf.rawops.DrawBoundingBoxes to cause a CHECK failure denial of service...

Google TensorFlow heap out-of-bounds read vulnerability (CNVD-2021-37627)

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in Google TensorFlow. An attacker can exploit the vulnerability to read data outside the boundaries of the heap allocation buffer in "tf.raw\u ops.QuantizeAndDequantizeV3"...

Google TensorFlow heap buffer overflow vulnerability (CNVD-2021-37648)

Google TensorFlow is an end-to-end open source machine learning platform. A heap buffer overflow vulnerability exists in tf.rawops.FractionalAvgPoolGrad in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-37612)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow. A local, authenticated attacker could exploit this vulnerability to cause a denial of service condition...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-37645)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in tf.rawops.ReverseSequence in Google TensorFlow. A locally authenticated attacker can exploit this vulnerability to cause a denial of service condition...

Google TensorFlow heap out-of-bounds read vulnerability (CNVD-2021-37643)

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in tf.rawops.MaxPoolGradWithArgmax in Google TensorFlow. An attacker can exploit the vulnerability by constructing inputs to the "tf.raw\u ops.MaxPoolGradWithArgmax"...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-36562)

Google TensorFlow is an end-to-end open source machine learning platform. A divide-by-zero error vulnerability exists in the tf.rawops.Conv3DBackprop implementation in TensorFlow versions prior to 2.5.0. No detailed vulnerability details are provided at this time...

Google TensorFlow LoadAndRemapMatrix Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in the implementation of tf.rawops.LoadAndRemapMatrix in Google TensorFlow. An attacker can exploit this vulnerability to cause a CHECK-failure denial of service...

Google TensorFlow Integer Overflow Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. An integer overflow vulnerability exists in the code used to allocate TFLiteIntArray in Google TensorFlow. An attacker can exploit the vulnerability via a specially crafted model to cause dereferencing of invalid pointers...

Google TensorFlow integer overflow vulnerability (CNVD-2021-36346)

Google TensorFlow is an end-to-end open source machine learning platform. An integer overflow vulnerability exists in concatentation in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-36361)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from an unspecified vulnerability that stems from passing invalid parameters to tf.rawops.SparseCountSparseOutput.No details of the vulnerability are provided at this...

Google TensorFlow Heap Out-of-Bounds Read Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds read vulnerability exists in the SplitV implementation in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow divide-by-zero error vulnerability (CNVD-2021-36349)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in the hash table lookup in Google TensorFlow. No details of the vulnerability are provided at this time...

Google TensorFlow heap out-of-bounds write vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds write vulnerability exists in ArgMin/ArgMax in Google TensorFlow. No detailed vulnerability details are provided at this time...

Google TensorFlow Heap Read Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a heap read vulnerability. An attacker can exploit the vulnerability to trigger an OOB read from the heap...