Lucene search
+L

24 matches found

cvelist
cvelist
added 2026/06/12 10:9 p.m.34 views

CVE-2025-7008 Avast antivirus heap buffer OOB read when scanning a malformed PE file

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast...

7.8CVSS0.00146EPSS
Exploits0References1
nessus
nessus
added 2026/05/29 12:0 a.m.35 views

RockyLinux 8 : dnsmasq (RLSA-2026:20589)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20589 advisory. dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890 dnsmasq:...

8.8CVSS6AI score0.07237EPSS
Exploits3References11
osv
osv
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0093 Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv For more information see the GitHub-hosted security advisory...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0291

Malicious code in bioql PyPI...

8.1CVSS8AI score0.01125EPSS
Exploits1References8
osv
osv
added 2024/03/06 11:16 a.m.20 views

BIT-TENSORFLOW-2021-41211 Heap OOB read in shape inference for `QuantizeV2`

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...

7.1CVSS6.8AI score0.00201EPSS
Exploits1References3
osv
osv
added 2024/03/06 11:15 a.m.19 views

BIT-TENSORFLOW-2022-21728 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS7.9AI score0.01125EPSS
Exploits1References5
osv
osv
added 2024/03/06 11:11 a.m.19 views

BIT-TENSORFLOW-2022-41880 ThreadUnsafeUnigramCandidateSampler Heap out of bounds in Tensorflow

TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in...

9.1CVSS7.7AI score0.0038EPSS
Exploits1References4
nessus
nessus
added 2023/03/20 12:0 a.m.34 views

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41880)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41880 advisory. - TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function...

9.1CVSS8.3AI score0.0038EPSS
Exploits1References2
cve
cve
added 2022/11/18 12:0 a.m.91 views

CVE-2022-41880

TensorFlow CVE-2022-41880 describes a heap-based out-of-bounds read in BaseCandidateSamplerOp when true_classes contains a value greater than range_max. A patch was committed (b389f5c944cadfdfe599b3f1e4026e036f30d2d4) and the fix is scheduled for TensorFlow 2.11, with cherry-picks to 2.10.1, 2.9....

9.1CVSS7.8AI score0.0038EPSS
Exploits1References3Affected Software1
github
github
added 2022/02/09 11:52 p.m.36 views

Integer overflow in TFLite

Impact An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations: cc int embeddingsize = 1; int lookupsize = 1; for int i = 0; i data.i32i; lookupsize = dim; outputshape-datak = dim; for int i = 1; i datak = dim; Both embeddingsize and lookupsize are...

8.8CVSS1.1AI score0.01173EPSS
Exploits1References9Affected Software3
github
github
added 2022/02/09 11:31 p.m.31 views

Out of bounds read in Tensorflow

Impact TensorFlow's type inference can cause a heap OOB read as the bounds checking is done in a DCHECK which is a no-op during production: cc if nodet.typeid != TFTUNSET int ix = inputidxi; DCHECKix nodet.argssize "input " i " should have an output " ix " but instead only has " nodet.argssize "...

8.1CVSS0.1AI score0.00858EPSS
Exploits1References7Affected Software3
nvd
nvd
added 2022/02/04 11:15 p.m.38 views

CVE-2022-23559

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS0.01173EPSS
Exploits1References5
prion
prion
added 2022/02/04 11:15 p.m.21 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

6.5CVSS8.7AI score0.01173EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2022/02/04 10:32 p.m.38 views

CVE-2022-23559 Integer overflow in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embeddingsize and lookupsize are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

8.8CVSS9AI score0.01173EPSS
Exploits1References5
cvelist
cvelist
added 2022/02/04 10:32 p.m.27 views

CVE-2022-23594 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow MLIR makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef i...

8.8CVSS9AI score0.00142EPSS
Exploits0References2
nvd
nvd
added 2022/02/03 11:15 a.m.31 views

CVE-2022-21728

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS0.01125EPSS
Exploits1References4
cve
cve
added 2022/02/03 10:55 a.m.125 views

CVE-2022-21728

CVE-2022-21728 affects TensorFlow: ReverseSequence shape-inference can yield a heap-based out-of-bounds read because batch_dim is checked for being too large but not for negative values. The mitigation path is a forthcoming fix in TensorFlow 2.8.0, with cherry-picks into 2.7.1, 2.6.3, and 2.5.3. ...

8.1CVSS8AI score0.01125EPSS
Exploits1References4Affected Software1
attackerkb
attackerkb
added 2021/11/05 9:15 p.m.4 views

CVE-2021-41211

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...

7.1CVSS7.1AI score0.00201EPSS
Exploits1References3Affected Software1
osv
osv
added 2021/11/05 9:15 p.m.25 views

PYSEC-2021-620

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...

7.1CVSS1.9AI score0.00201EPSS
Exploits1References2
cvelist
cvelist
added 2021/11/05 8:20 p.m.32 views

CVE-2021-41224 `SparseFillEmptyRows` heap OOB read

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SparseFillEmptyRows can be made to trigger a heap OOB access. This occurs whenever the size of indices does not match the size of values. The fix will be included in TensorFlow 2.7.0. We will al...

7.1CVSS7.1AI score0.00201EPSS
Exploits1References2
Rows per page
Query Builder