PYSEC-2021-150

TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++...

PYSEC-2021-150

TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++...

PYSEC-2021-639

TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++...

CVE-2021-29537 Heap buffer overflow in `QuantizedResizeBilinear`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedResizeBilinear by passing in invalid thresholds for the quantization. This is because the...

Google TensorFlow 数字错误漏洞

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in OneHot in Google TensorFlow. No details of the vulnerability are provided at this time...

PT-2021-18264 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The issue arises when calling TF operations with tensors of non-numeric types, resulting in nu...

GHSA-58QP-5328-V7MH cumulative-distribution-function Infinite Loop vulnerability

Impact Apps using this library on improper data may crash or go into an infinite-loop In the case of a nodejs server-app using this library to act on invalid non-numeric data, the nodejs server may crash. This may affect other users of this server and/or require the server to be rebooted for prop...

CVE-2021-29486

cumulative-distribution-function is an open source npm library used which calculates statistical cumulative distribution function from data array of x values. In versions prior to 2.0.0 apps using this library on improper data may crash or go into an infinite-loop. In the case of a nodejs...

CVE-2021-29486 Improper Input Validation and Loop with Unreachable Exit Condition ('Infinite Loop') in cumulative-distribution-function

cumulative-distribution-function is an open source npm library used which calculates statistical cumulative distribution function from data array of x values. In versions prior to 2.0.0 apps using this library on improper data may crash or go into an infinite-loop. In the case of a nodejs...

PT-2021-18248 · Npm · Cumulative-Distribution-Function

Name of the Vulnerable Software and Affected Versions: cumulative-distribution-function versions prior to 2.0.0 Description: The issue arises when the cumulative-distribution-function library is used with improper data, potentially causing apps to crash or enter an infinite loop. This can occur i...

Imagemagick Studio ImageMagick 数字错误漏洞

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. ImageMagick has a security vulnerability that can be exploited by an attacker to...

CVE-2020-28898

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

Jason Summers deark number error vulnerability

Jason Summers deark is a Jason Summers open source application. A command line utility that can decode certain types of files. A numeric error vulnerability exists in versions prior to Jason Summers Deark v1.5.8, which can be exploited by an attacker to cause a divide-by-zero error via a speciall...

GO-2021-0070 Privilege escalation in github.com/opencontainers/runc

GetExecUser in the github.com/opencontainers/runc/libcontainer/user package will improperly interpret numeric UIDs as usernames. If the method is used without verifying that usernames are formatted as expected, it may allow a user to gain unexpected privileges...

Jason Summers deark 数字错误漏洞

Jason Summers deark is a Jason Summers open source application. A command line utility that can decode certain types of files. A numeric error vulnerability exists in versions prior to Jason Summers Deark v1.5.8, which can be exploited by an attacker to cause a divide-by-zero error via a speciall...

The vulnerability of the Blink display module in Google Chrome browsers allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s Blink rendering module is related to a numerical overflow of values. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

gdk-pixbuf Number Error Vulnerability

gdk-pixbuf is an image loading library. GDK-PixBuf suffers from a numeric error vulnerability that can be exploited by an attacker who can trigger an integer overflow, resulting in a denial of service and possibly run code...

Incorrect Conversion between Numeric Types

An issue was discovered in GNOME GLib If gbytearraynewtake was called with a buffer of 4GB or more on a platform, the length would be truncated modulo 232, causing unintended length truncation...

U.S. Dept Of Defense: Course Registration Form Allowing an attacker to dump all the candidate name who had enrolled for the course

The application allowed an attacker to enumerate all candidate names who had applied for various courses by cycling a numeric parameter in the application's URL...

ZCFees Number Error Vulnerability

A Numeric Error vulnerability exists in ZCFees that arises from a network system or product not properly calculating or converting resulting numbers. An attacker could exploit this vulnerability to cause, among other things, an integer overflow or a sign error...