34 matches found
PYSEC-2021-657
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...
PYSEC-2021-520
TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...
CVE-2021-29592
TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...
CVE-2021-29581 Segfault in `CTCBeamSearchDecoder`
TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults. The...
CVE-2021-29531
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...
CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
DEBIAN-CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
CVE-2020-28916
CVE-2020-28916 affects QEMU 5.0.0 with an infinite loop in the e1000e core when an RX descriptor has a NULL buffer address (hw/net/e1000e_core.c). Impact: denial of service on the host/guest, with potential for code execution under some advisories. Remediation: upgrade to upstream 5.2.0 or newer;...
CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
CVE-2020-28916
hw/net/e1000ecore.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address...
PYSEC-2020-324
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...
GHSA-QH32-6JJC-QPRM Null pointer dereference in tensorflow-lite
Impact A crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a...