9 matches found
CVE-2026-40450
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0...
CVE-2026-40450
Samsung Open Source ONE suffers an integer overflow in the output tensor copy size calculation, potentially causing memory corruption when handling oversized tensors. Affected versions are before commit 1.30.0. CVSS v3.1 vector indicates Local attack vector, Low attack complexity, No privileges r...
ONE 输入验证错误漏洞
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the copy size for output tensors,...
CVE-2021-41219
TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...
Denial Of Service (DOS)
TensorFlow is vulnerable to a denial of service. The vulnerability is due to the improper handling of the dimensionality of the output tensor in TensorFlow Lite's segment sum implementation,where the code uses the last element of the tensor holding segment IDs to determine the output tensor's siz...
BIT-TENSORFLOW-2021-41219 Undefined behavior via `nullptr` reference binding in sparse matrix multiplication
TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...
SUSE CVE-2020-15210
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b a...
PYSEC-2020-133
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b a...
PYSEC-2020-133
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b a...