Lucene search
K

23 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1028 TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput`

Impact The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack: python import tensorflow as tf strides = 1, 1, 1, 1 padding = "SAME" usecudnnongpu = True explicitpaddings =...

5.9CVSS5.9AI score0.00383EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2026/02/06 12:0 a.m.5 views

The vulnerability of the ieee80211_register_hw() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ieee80211registerhw function in the Linux operating system is related to the copying of buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality,...

8CVSS7.3AI score0.00144EPSS
Exploits0References19Affected Software5
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.8 views

X-TRACK security vulnerabilities

X-TRACK is a GPS cycling speedometer developed by VIFEX personal developers, which supports offline maps and track recording. X-TRACK versions 2.7 and earlier had security vulnerabilities, stemming from buffer copying operations in the inflate.C program file, which allowed out-of-bounds writes an...

10CVSS5.9AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:10 a.m.7 views

CVE-2022-35969

TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00383EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/01 6:38 a.m.2 views

Allocation of Resources Without Limits or Throttling

Overview nlsq is a GPU/TPU accelerated nonlinear least-squares curve fitting using JAX Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to missing input size validation for arrays and Jacobians. An attacker can cause memory exhaustion by...

5.3CVSS6.7AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-7448

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.0035EPSS
Exploits1References6
OSV
OSV
added 2025/07/27 9:15 p.m.2 views

DEBIAN-CVE-2023-53156

The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...

5.3CVSS5.3AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.7 views

CVE-2022-41883

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

7.5CVSS6.7AI score0.0035EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.10 views

PT-2025-30806

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a warning is triggered on invalid firmware input within the ath6kl module. This warning does not provide useful information and is a frequent...

5.5CVSS6.7AI score0.00172EPSS
Exploits0
OSV
OSV
added 2024/03/06 11:11 a.m.19 views

BIT-TENSORFLOW-2022-41883 Out of bounds segmentation fault due to unequal op inputs in Tensorflow

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

7.5CVSS7AI score0.0035EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.7 views

The vulnerability of the QuTS hero, QTS, and QuTScloud operating systems for network devices from Qnap occurs due to the copying of buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of the QuTS hero, QTS, and QuTScloud network devices from Qnap operating systems is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.3CVSS7.5AI score0.0058EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.7 views

The vulnerability of the FortiDDoS-F software and the FortiADC application delivery controller, which involves copying buffers without checking the size of the input data, allows attackers to execute arbitrary code or perform arbitrary commands.

The vulnerability of the FortiDDoS-F software-defined security platform and the FortiADC application delivery controller lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code or perform arbitrary...

6.7CVSS7.1AI score0.00244EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2023/08/08 5:21 p.m.65 views

CVE-2023-34454

A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...

5.9CVSS6.9AI score0.01469EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/08/08 4:49 p.m.39 views

CVE-2023-34453

A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...

5.9CVSS6.9AI score0.01707EPSS
Exploits1References3
Snyk
Snyk
added 2022/11/20 9:8 a.m.1 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in DynamicStitch due to missing validation when it receives a differing number of inputs, such as when it is called with an indices size 1 and a data size 2. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher...

7.5CVSS6.8AI score0.0035EPSS
Exploits1References2
NVD
NVD
added 2022/11/18 9:15 p.m.47 views

CVE-2022-41883

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

7.5CVSS0.0035EPSS
Exploits1References4
Prion
Prion
added 2022/11/18 9:15 p.m.18 views

Stack overflow

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

5CVSS7.7AI score0.0035EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2022/11/18 12:0 a.m.5 views

CVE-2022-41883

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

7.5CVSS6.9AI score0.0035EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.4 views

PT-2022-26114

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11 TensorFlow version 2.10.1 TensorFlow version 2.9.3 TensorFlow version 2.8.4 Description The issue occurs when ops with specified input sizes receive a differing number of inputs, causing the executor to crash...

7.5CVSS7.1AI score0.0035EPSS
Exploits1References17
OSV
OSV
added 2022/11/18 12:0 a.m.28 views

CVE-2022-41883 Out of bounds segmentation fault due to unequal op inputs in Tensorflow

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

6.8CVSS7.7AI score0.0035EPSS
Exploits1References6
Rows per page
Query Builder