213 matches found
EUVD-2021-0308
Malware in sbrugna...
EUVD-2021-0285
Malware in sbrugna...
EUVD-2021-0295
Malware in sbrugna...
CVE-2021-29616
TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...
CVE-2021-29571
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...
BIT-TENSORFLOW-2021-29520 Heap buffer overflow in `Conv3DBackprop*`
TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to tf.rawops.Conv3DBackprop operations can result in heap buffer overflows. This is because the...
BIT-TENSORFLOW-2021-29523 CHECK-fail in AddManySparseToTensorsMap
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.AddManySparseToTensorsMap. This is because the...
BIT-TENSORFLOW-2021-29531 CHECK-fail in tf.raw_ops.EncodePng
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...
BIT-TENSORFLOW-2021-29542 Heap buffer overflow in `StringNGrams`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...
BIT-TENSORFLOW-2021-29554 Division by 0 in `DenseCountSparseOutput`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.DenseCountSparseOutput. This is because the...
BIT-TENSORFLOW-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...
BIT-TENSORFLOW-2021-29570 Heap out of bounds read in `MaxPoolGradWithArgmax`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...
BIT-TENSORFLOW-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...
BIT-TENSORFLOW-2021-29599 Division by zero in TFLite's implementation of `Split`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.ccL63-L65. An attack...
BIT-TENSORFLOW-2021-29612 Heap buffer overflow in `BandedTriangularSolve`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of tf.rawops.BandedTriangularSolve. The...
BIT-TENSORFLOW-2021-29614 Interpreter crash from `tf.io.decode_raw`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...
SUSE CVE-2021-29525
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropInput. This is because the...
SUSE CVE-2021-29524
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropFilter. This is because the...
SUSE CVE-2021-29586
TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling...
SUSE CVE-2021-29603
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of...