Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added last week5 views

ONNX has Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)

Summary Null pointer dereference SIGSEGV in Upsample67::adaptupsample67 onnx/versionconverter/adapters/upsample67.h:31 when convertversion processes a model with an Upsample node that has zero inputs. The adapter accesses node-inputs0-sizes without checking input count. 107-byte PoC crashes on...

5.5CVSS6AI score0.0017EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/12/12 2:3 a.m.2 views

DEBIAN-CVE-2024-47537

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS8.4AI score0.00956EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 2:3 a.m.7 views

AZL-62417 CVE-2024-47537 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS7.4AI score0.00956EPSS
Exploits0References1
OSV
OSV
added 2022/11/21 8:39 p.m.6 views

GHSA-W58W-79XV-6VCJ Out of bounds segmentation fault due to unequal op inputs in Tensorflow

Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cpp REGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction; When it receives a differing number of inputs, such as...

6.8CVSS7AI score0.0035EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2010/12/08 7:7 p.m.6 views

kernel: drivers/char/nozomi.c: reading uninitialized stack memory

The nttyioctltiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

1.9CVSS5.8AI score0.0104EPSS
Exploits7References4
Rows per page
Query Builder