10 matches found
Oneflow security vulnerabilities
OneFlow is an open-source deep learning framework developed by OneFlow. Version 0.9.0 of OneFlow contains a security vulnerability. This vulnerability stems from a device ID verification flaw, which may allow a denial-of-service attack by invoking flow.cuda.synchronize with invalid or out-of-rang...
kernel: octeontx2-af: Add validation before accessing cgx and lmac
A bounds-checking error was found in the Linux kernel Marvell OcteonTX2 network driver's initialization code. On systems with newer CN10K RPM or CN10KB RPMUSX hardware, a local user with privileges to initialize the driver can trigger driver probe, causing the driver to make incorrect assumptions...
Insufficient Verification Of Data Authenticity
CometBFT is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to improper validation due to incorrect processing and dissemination of invalid block part indices and proof part indices, which could lead to a network halt...
CVE-2022-35939
TensorFlow is an open source platform for machine learning. The ScatterNd function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have...
PYSEC-2021-705
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...
PYSEC-2021-216
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...
PYSEC-2021-216
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...
PT-2021-18330 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The implementation of tf.raw ops.MaxPoolGr...
PYSEC-2020-277
In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...
PT-2020-14268 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.3.1 Description: The SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor, specifically that the indices tensor has rank 2, which must be a matrix. Malicio...