25 matches found
HackTheBox
HackTheBox — Writeups, Tooling & Exploitation Pipelines A wor...
Public-Key Quantum Authentication and Digital Signature Schemes Based on the QMA-Complete Problem
We propose a quantum authentication and digital signature protocol whose security is founded on the Quantum Merlin ArthurQMA-completeness of the consistency of local density matrices. The protocol functions as a true public-key cryptography system, where the public key is a set of local density...
On Key Exchange Protocol Based on Two-Side Multiplication Action
We present a cryptanalysis of a key exchange protocol based on the digital semiring. For this purpose, we find the maximal solution of a linear system over such semiring, and use the properties of circulant matrix to demonstrate that the protocol is vulnerable. Specifically, we provide an efficie...
Differentially Private Distribution Release of Gaussian Mixture Models Via KL-Divergence Minimization
Gaussian Mixture Models GMMs are widely used statistical models for representing multi-modal data distributions, with numerous applications in data mining, pattern recognition, data simulation, and machine learning. However, recent research has shown that releasing GMM parameters poses significan...
Key Exchange Protocol Based on Circulant Matrix Action over Congruence-Simple Semiring
We present a new key exchange protocol based on circulant matrices acting on matrices over a congruence-simple semiring. We describe how to compute matrices with the necessary properties for the implementation of the protocol. Additionally, we provide an analysis of its computational cost and its...
BIT-TENSORFLOW-2021-29545 Heap buffer overflow in `SparseTensorToCSRSparseMatrix`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
How to Think Like a Hacker and Stay Ahead of Threats
To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought processes of hackers, along with the tools they use to launch their attacks. During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own...
NumPy has an unspecified vulnerability
NumPy is a Python scientific computing package. The product supports a large number of dimensional arrays and matrices, while providing a large library of mathematical functions for data operations. numPy 1.19 has a security vulnerability that stems from a null pointer dereference vulnerability i...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. A double redirection to access an element of an array allocated on the heap occurs when CHECK-fail in converting sparse tensors to CSR Sparse matrices in SparseTensorToCSRSparseMatrix, allowing an attacker to crash the application...
CVE-2021-29545
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
Out-of-bounds
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
PYSEC-2021-182
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
CVE-2021-29545 Heap buffer overflow in `SparseTensorToCSRSparseMatrix`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
CVE-2021-29545
CVE-2021-29545 concerns TensorFlow and describes a heap-based out-of-bounds issue in SparseTensorToCSRSparseMatrix caused by a double redirection when accessing csr_row_ptr via indices(i, 0) + 1. This can lead to a denial of service by writing outside heap data. The connected OSV/GHSA entries con...
PT-2021-18314 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can cause a denial of service ...
PT-2021-18296 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a denial of servic...
Citrix Interoperability Validation
Microsoft Product Updates Microsoft Security Patch Validation Reports 2025| 2024| 2023 ---|---|--- January| January| January February| February| February March| March| March April| April| April May| May| May | June| June | July| July | August| August | September| September | October| October |...
[SECURITY] Fedora 22 Update: MUMPS-5.0.1-4.fc22
MUMPS implements a direct solver for large sparse linear systems, with a particular focus on symmetric positive definite matrices. It can operate on distributed matrices e.g. over a cluster. It has Fortran and C interfaces, and can interface with ordering tools such as Scotch...
[SECURITY] Fedora 21 Update: MUMPS-5.0.1-4.fc21
MUMPS implements a direct solver for large sparse linear systems, with a particular focus on symmetric positive definite matrices. It can operate on distributed matrices e.g. over a cluster. It has Fortran and C interfaces, and can interface with ordering tools such as Scotch...
[SECURITY] Fedora 23 Update: MUMPS-5.0.1-4.fc23
MUMPS implements a direct solver for large sparse linear systems, with a particular focus on symmetric positive definite matrices. It can operate on distributed matrices e.g. over a cluster. It has Fortran and C interfaces, and can interface with ordering tools such as Scotch...