Lucene search
K

293 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-992 Heap overflow in `QuantizeAndDequantizeV2`

Impact The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. python import tensorflow as tf @tf.function def test:...

4.8CVSS6AI score0.00401EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-976 TensorFlow vulnerable to `CHECK` fail in `QuantizeAndDequantizeV3`

Impact If QuantizeAndDequantizeV3 is given a nonscalar numbits input tensor, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf signedinput = True rangegiven = False narrowrange = False axis = -1 input = tf.constant-3.5, shape=1,...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1002 Missing validation crashes `QuantizeAndDequantizeV4Grad`

Impact The implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV4Grad gradients=tf.constant1,...

5.5CVSS5.9AI score0.0034EPSS
Exploits1References11
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-548 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-550 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.55, there was an out-of-bounds read vulnerability in the pngsetquantize API function. When this function is called without a histogram and th...

8.3CVSS6.9AI score0.00955EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2026/06/23 12:0 a.m.6 views

libpng15 security update

1.5.30-15.1 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161449 1.5.30-15 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148412...

7.5CVSS6.5AI score0.01052EPSS
Exploits2
OSV
OSV
added 2026/06/07 12:2 a.m.9 views

OSV-2026-868 Use-of-uninitialized-value in vp8_regular_quantize_b_sse4_1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520318421 Crash type: Use-of-uninitialized-value Crash state: vp8regularquantizebsse41 macroblockyrd vp8rdpickintramode...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.12.0 : libpng (EulerOS-SA-2026-2104)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct...

8.3CVSS7AI score0.00955EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017766 advisory. In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. Tenable has extracted the...

4.3CVSS6.8AI score0.01056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.8 views

TencentOS Server 2: libpng12 (TSSA-2026:0259)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0259 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.3CVSS6.8AI score0.00955EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.6 views

TencentOS Server 3: libpng12 (TSSA-2026:0255)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0255 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.3CVSS6.8AI score0.00955EPSS
Exploits1References2
OSV
OSV
added 2026/04/27 5:34 p.m.10 views

CLSA-2026-1777311274 Fix CVE(s): CVE-2026-22801, CVE-2026-25646

SECURITY UPDATE: Heap buffer over-read in pngwriteimage due to truncation of ptrdifft row stride to pnguint16 - debian/patches/CVE-2026-22801.patch: remove incorrect truncation casts from pngwriteimage16bit, pngwriteimage8bit, and pngimagewritemain so large 65535 and negative row strides are...

8.3CVSS7.2AI score0.00955EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/04/24 10:14 a.m.10 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3CVSS7.1AI score0.00955EPSS
Exploits1References7
Oracle linux
Oracle linux
added 2026/04/24 12:0 a.m.8 views

libpng12 security update

1.2.50-10.0.1 - Fix CVE-2026-25646: heap buffer overflow in pngsetquantize Orabug: 39183864...

8.3CVSS5.6AI score0.00955EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/04/23 4:7 p.m.12 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3CVSS6.9AI score0.00955EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/04/22 3:44 p.m.10 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3CVSS5.9AI score0.00955EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0074: libpng15 (ALINUX3-SA-2026:0074)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0074 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25646: LIBPNG is a reference library for u...

8.3CVSS7.3AI score0.00955EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Fedora 43 : libpng15 (2026-60fce94678)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-60fce94678 advisory. fix CVE-2026-25646: heap buffer overflow in pngsetquantize Tenable has extracted the preceding description block directly from the Fedora security advisory...

8.3CVSS6.1AI score0.00955EPSS
Exploits1References2
Rows per page
Query Builder