CVE-2021-37675

TensorFlow is an end-to-end open source platform for machine learning. In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation i...

Heavy-Tailed Privacy: the Symmetric Alpha-Stable Privacy Mechanism

With the rapid growth of digital platforms, there is increasing apprehension about how personal data is collected, stored, and used by various entities. These concerns arise from the increasing frequency of data breaches, cyber-attacks, and misuse of personal information for targeted advertising...

Blockchain Meets Adaptive Honeypots: a Trust-Aware Approach to Next-Gen IoT Security

Edge computing-based Next-Generation Wireless Networks NGWN-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt the...

TensorFlow has Floating Point Exception in TFLite in conv kernel

...

BIT-TENSORFLOW-2021-29594 Division by zero in TFLite's convolution code

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution codehttps://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc has multiple division where the divisor is controlled by the user and not checked ...

BIT-TENSORFLOW-2022-21725 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

BIT-TENSORFLOW-2022-21741 Division by zero in TFLite

Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...

SUSE CVE-2023-25661

TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model Check Failed and can be used to trigger a denial of service attack. A proof of concept can be constructed with the Convolution3DTranspose function. This...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a malicious invalid input with zero dimension, which crashes a TensorFlow model Check Failed. Note: An attacker must have privilege to provide input to a Convolution3DTranspose call. PoC import tensorflow as...

CVE-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...

SUSE CVE-2015-6773

The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted graphics data...

SUSE CVE-2017-3070

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution...

SUSE CVE-2020-20898

Integer Overflow vulnerability in function filter16prewitt in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

SUSE CVE-2021-29527

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.QuantizedConv2D. This is because the...

SUSE CVE-2021-29594

TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution codehttps://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc has multiple division where the divisor is controlled by the user and not checked ...

SUSE CVE-2021-29602

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the DepthwiseConv TFLite operator is vulnerable to a division by zero...

SUSE CVE-2021-38091

Integer Overflow vulnerability in function filter16sobel in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

SUSE CVE-2021-38093

Integer Overflow vulnerability in function filterrobert in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

SUSE CVE-2021-38094

Integer Overflow vulnerability in function filtersobel in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

SUSE CVE-2022-21741

Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...