44 matches found
EUVD-2008-4372
Malware in sbrugna...
EUVD-2019-18470
Malware in sbrugna...
EUVD-2005-0434
Malware in sbrugna...
EUVD-2021-0403
Malware in sbrugna...
EUVD-2021-0307
Malware in sbrugna...
EUVD-2021-0358
Malware in sbrugna...
CVE-2021-29516
TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...
CVE-2021-29617
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via CHECK-fail in tf.strings.substr with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3,...
BIT-TENSORFLOW-2021-29619 Segfault in `tf.raw_ops.SparseCountSparseOutput`
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...
CVE-2023-50570
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...
CVE-2023-50570
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...
CVE-2023-50570
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...
CVE-2021-26624
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. A segfault is triggered when invalid arguments are passed as it does not validate for other value but assumes that axis can be either -1 or a value greater than -1...
PT-2021-21771 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can trigger a read from outside of bounds of heap allocated data by...
GHSA-WVJW-P9F5-VQ28 Segfault in `tf.raw_ops.SparseCountSparseOutput`
Impact Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. Patches We have patched the issue in GitHub commit 82e6203221865de4008445b13c69b6826d2b28d9. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on...
CVE-2021-29619
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...
CVE-2021-29619
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...
PYSEC-2021-743
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via CHECK-fail in tf.strings.substr with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3,...
PYSEC-2021-256
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow...