Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the flow.empty function. An attacker can cause the application to crash or become unresponsive by supplying a negative or excessively large dimension value. Remediation There is no...

EUVD-2025-206481

A dimension validation flaw in the flow.empty component of OneFlow 0.9.0 allows attackers to cause a Denial of Service DoS via a negative or excessively large dimension value...

NumPy < 1.19 DoS

The version of NumPy installed on the remote host is prior to 1.19. It is, therefore, affected by a Buffer overflow vulnerability in the arrayfrompyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with...

SUSE CVE-2021-41196

TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window...

SUSE CVE-2021-41496

Buffer overflow in the arrayfrompyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be...

DEBIAN-CVE-2021-41496

Buffer overflow in the arrayfrompyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be...

PYSEC-2021-628

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

PYSEC-2021-606

TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window...

PYSEC-2021-389

TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window...

PT-2021-23192 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: The code for sparse matrix multiplication in TensorFlow is vulnerable to undefin...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2019-1709)

According to the version of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A vulnerability was found in python-pillow. A crafted image file with negative dimensions could cause a buffer to b...

EulerOS 2.0 SP1 : python-pillow (EulerOS-SA-2017-1049)

According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A vulnerability was found in python-pillow. A crafted image file with negative dimensions could cause a buffer to be under-allocated, leading...

gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file format loader

Multiple integer overflows in the readbitmapfiledata function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service application crash via a negative 1 height or 2 width in an XBM file, which triggers a heap-based buffer overflow...