68 matches found
Robustness Analysis against Adversarial Patch Attacks in Fully Unmanned Stores
The advent of convenient and efficient fully unmanned stores equipped with artificial intelligence-based automated checkout systems marks a new era in retail. However, these systems have inherent artificial intelligence security vulnerabilities, which are exploited via adversarial patch attacks,...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection due to an improper parsing of the TypeOne FontBBox. This is due to improper sanitization of the bbox values, which could lead to inconsistencies in font metrics or unexpected behavior. Remediation Upgrade...
The vulnerability of the dcn302_fpu_update_bw_bounding_box() function in the amdgpu kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dcn302fpuupdatebwboundingbox function in the drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302fpu.c file of the amdgpu kernel in the Linux operating system is related to incorrect calculation of the index. Exploiting this vulnerability may allow an attacker to compromise t...
drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
...
SUSE CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...
UBUNTU-CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...
UBUNTU-CVE-2024-35985
In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Prevent vlag from going out of bounds in reweighteevdf It was possible to have pickeevdf return NULL, which then causes a NULL-deref. This turned out to be due to entityeligible returning falsely negative because of ...
PT-2024-7187
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the function dcn302 fpu update bw bounding box in the drm/amd/display module, where an incorrect index calculation can occur. This may allow an attacker to impact...
ghostscript security and bug fix update
9.27-11 - fix for CVE-2023-4042 - Resolves: rhbz2228153 9.27-10 - fix for CVE-2023-38559 - Resolves: rhbz2224371 9.27-9 - fix for CVE-2023-28879 - Resolves: rhbz2188297 9.27-8 - fix embedding of CIDFonts - Resolves: rhbz2169890 9.27-7 - fix bbox device calculating bounding box incorrectly -...
Memory corruption in getBytes32FromBytes() can likely lead to loss of funds
Lines of code Vulnerability details Description The LibBytes library is used to read and store uint128 types compactly for Well functions. The function getBytes32FromBytes will fetch a specific index as bytes32. / @dev Read the ith 32-byte chunk from data. / function getBytes32FromBytesbytes memo...
SUSE CVE-2021-29533
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...
pdftojson 缓冲区错误漏洞
pdftojson is Johnson Liang open source a pdftotext wrapper . Use bounding box data to generate JSON. pdftojson 94204bb version of a security vulnerability , the vulnerability stems from the component Stream::makeFilterchar, Stream, Object, int there is a stack overflow...
Unckecked rank size in `tf.image.generate_bounding_box_proposals` in Tensorflow
...
GHSA-6X99-GV2V-Q76V FPE in `tf.image.generate_bounding_box_proposals`
Impact When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. python import tensorflow as tf a = tf.constantvalue=1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0 b = tf.constantvalue=1...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation due to a missing check of tf.image.generateboundingboxproposals that receives a scores input that must be of rank 4 when running on GPU. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. Referenc...
AZL-11527 CVE-2022-41888 affecting package tensorflow for versions less than 2.11.0-1
TensorFlow is an open source platform for machine learning. When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included i...
CVE-2022-41888 Unckecked rank size in `tf.image.generate_bounding_box_proposals` in Tensorflow
TensorFlow is an open source platform for machine learning. When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included i...
PT-2022-26119
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1, 2.9.3, and 2.8.4 Description TensorFlow is an open source platform for machine learning. When running on GPU, the function tf.image.generate bounding box proposals receives a scores...
CVE-2022-41888
TensorFlow is an open source platform for machine learning. When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included i...
GHSA-JQM7-M5Q7-3HM5 TensorFlow vulnerable to `CHECK` fail in `DrawBoundingBoxes`
Impact When DrawBoundingBoxes receives an input boxes that is not of dtype float, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=1, 3, 2, 3, shape=1, 3, 2, 3, dtype=tf.half...