SUSE CVE-2021-37676

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

SUSE CVE-2022-29206

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments. In this case, a reference gets bound to a nullptr during kernel execution. This is...

`SegQueue` creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

Discourse has an unspecified vulnerability (CNVD-2022-05508)

Discourse is an open source community discussion platform that includes community, email and chat room features. The platform includes community, email and chat room features. discourse-footnote has a security vulnerability that could be exploited to trigger null-reference javascript errors...

Discourse 安全漏洞

Discourse is an open source community discussion platform that includes community, email and chat room features. The platform includes community, email and chat room features. discourse-footnote has a security vulnerability that could be exploited to trigger null-reference javascript errors...

PYSEC-2021-623

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

PYSEC-2021-411

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

PYSEC-2021-826

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

CVE-2021-41214

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

GHSA-F5CX-5WR3-5QRC Reference binding to nullptr in boosted trees

Impact An attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature: python import tensorflow as tf tf.rawops.BoostedTreesCalculateBestGainsPerFeature nodeidrange=, statssummarylist=1,2,3, l1=1.0, l2=1.0, treecomplexity =1.0,...

PYSEC-2021-298

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

PYSEC-2021-278

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

PYSEC-2021-284

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature and similar attack can occur in BoostedTreesCalculateBestFeatureSplitV2. The...

PYSEC-2021-773

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature and similar attack can occur in BoostedTreesCalculateBestFeatureSplitV2. The...

CVE-2021-37656

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

October 15, 2019-KB4519562 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 and Windows Server 2016

October 15, 2019-KB4519562 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 and Windows Server 2016 Release Date: October 15, 2019 Version: .NET Framework 4.8 The October 15, 2019 update for Windows 10 Version 1607 and Windows Server 2016 includes cumulative reliability...

Google Android system service ContentService suffers from a null object reference vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Consortium. A null object reference vulnerability exists in the Google Android system service ContentService. The vulnerability stems from an exception in the parameters passed to t...

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1 Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. There is one update available for System Center 2012 SP1...

FIX: Visual Studio 2010 crashes when you try to open a build report in Build Explorer

FIX: Visual Studio 2010 crashes when you try to open a build report in Build Explorer Symptoms Consider the following scenario: You connect to a Microsoft Team Foundation Server TFS 2008 server in Visual Studio 2010 Service Pack 1 SP1. You double-click a build in Build Explorer to try to open a...

CDBurnerXP 4.2.4.1351

Exploit for unknown platform in category remote exploits ===================== CDBurnerXP 4.2.4.1351 ===================== Title: CDBurnerXP 4.2.4.1351 CVE-ID: OSVDB-ID: Author: DrIDE Published: 2009-09-25 Verified: yes view source print? !/usr/bin/env python CDBurnerXP v 4.2.4.1351 Local Crash P...