GHSA-RG4M-GWW5-7P47 Free of uninitialized memory in adtensor

An issue was discovered in the adtensor crate through 0.0.3 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

Free of uninitialized memory in adtensor

An issue was discovered in the adtensor crate through 0.0.3 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

Double free in linea

Affected versions of this crate did not properly implements the Matrix::zipelements method, which causes an double free when the given trait implementation might panic. This allows an attacker to corrupt or take control of the memory...

GHSA-6P5R-G9MQ-GGH2 Reference binding to nullptr in `MatrixSetDiagV*` ops

Impact An attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixSetDiagV: python import tensorflow as tf tf.rawops.MatrixSetDiagV3 input=1,2,3, diagonal=1,1, k=, align='RIGHTLEFT' The implementation has incomplete validation that t...

Use of Uninitialized Resource in alg_ds

An issue was discovered in the algds crate through 2020-08-25 for Rust. Matrix::new internally calls Matrix::fillwith which uses ptr = value pattern to initialize the buffer. This pattern assumes that there is an initialized struct at the address and drops it, which results in dropping of...

Free of uninitialized memory in adtensor

An issue was discovered in the adtensor crate through 0.0.3 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

Matrix clients -- several vulnerabilities

Matrix developers report: Today we are disclosing a critical security issue affecting multiple Matrix clients and libraries including Element Web/Desktop/Android, FluffyChat, Nheko, Cinny, and SchildiChat. Specifically, in certain circumstances it may be possible to trick vulnerable clients into...

PYSEC-2021-768

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...

PYSEC-2021-571

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixSetDiagV. The implementation has incomplete validation that the value of k is a...

PYSEC-2021-280

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixSetDiagV. The implementation has incomplete validation that the value of k is a...

PYSEC-2021-769

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixSetDiagV. The implementation has incomplete validation that the value of k is a...

PYSEC-2021-768

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...

PYSEC-2021-265

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

CVE-2021-37643

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

PYSEC-2021-754

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

PYSEC-2021-265

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

PYSEC-2021-556

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

PYSEC-2021-754

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

CVE-2021-37643

TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.rawops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...

Google TensorFlow缓冲区错误漏洞

Google TensorFlow is an end-to-end open-source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which could be exploited by an attacker to bind a reference to a null pointer in all operations of type "tf.rawops.MatrixDiagV" to cause undefined...