2543 matches found
CVE-2021-29616
TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...
PYSEC-2021-544
TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...
Null pointer dereference
TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplifyhttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmeticoptimizer.ccL390-L401 has undefined behavior due to...
CVE-2021-29586
CVE-2021-29586 affects TensorFlow (TFLite pooling) where optimized pooling implementations fail to validate stride values, allowing params->stride_height/width to be zero and cause a division by zero in ComputePaddingHeightWidth. Practically, this is a vulnerability in the pooling path of Tens...
CVE-2021-29586 Division by zero in optimized pooling implementations in TFLite
TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling...
CVE-2021-29616
CVE-2021-29616 affects TensorFlow: the TrySimplify path in Grappler dereferences a null pointer in corner cases (optimizing a node with no inputs). This is a null-dereference vulnerability in the TensorFlow optimization code, not a user-facing attack surface description. The issue has been fixed ...
Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal
Cybercriminals with suspected ties to Pakistan continue to rely on social engineering as a crucial component of its operations as part of an evolving espionage campaign against Indian targets, according to new research. The attacks have been linked to a group called Transparent Tribe, also known ...
What is minification and why is it needed❓ The Advantages Of Minification
This concept might look simple to understand but it requires deep-understanding for one to interact with the concept properly and know what it entails and what it doesn’t. A bunch of developers use minification in website development, in order to have fast and active web. Minification can be...
Denial Of Service (DoS)
Rust is vulnerable to denial of service. The optimization for joining strings can cause uninitialized bytes to be exposed or lead to an application crash...
Shift Left: Moving Container Security into the Dev, Test, and Build Process
Learn how you can use a DevOps methodology that optimizes application deployments and provides greater security for containers. This article explains how to move security into the container creation process in the DevOps workflow...
CVE-2016-20010
EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5...
Xen Paging Tables Race Condition (XSA-328)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, X...
In the standard library in Rust before 1.52.0 there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
...
DEBIAN-CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
ALPINE-CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
Design/Logic Flaw
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...
CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...