Lucene search
+L

527 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-973 TensorFlow has Null Pointer Error in LookupTableImportV2

Impact The function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. python import tensorflow as tf v = tf.Variable1 @tf.functionjitcompile=True def test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...

7.5CVSS5.9AI score0.00358EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1005 TensorFlow vulnerable to `CHECK` failures in `UnbatchGradOp`

Impact The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. python import numpy as np import tensorflow as tf id is not scalar tf.rawops.UnbatchGradoriginalinput= tf.constant1,batchindex=tf.constant0,0,0 ...

5.9CVSS5.9AI score0.00558EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-1031 TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsGradient`

Impact When tf.quantization.fakequantwithminmaxvarsgradient receives input min or max that is nonscalar, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 9:23 p.m.3 views

GHSA-WW9Q-8R59-XV46 Zebra: Missing copy constraint in halo2_gadgets variable-base scalar multiplication allows under-constrained base, breaking Orchard Action circuit soundness

Summary A soundness vulnerability in the variable-base scalar multiplication gadget of halo2gadgets allowed a malicious prover to produce a valid proof for an Orchard Action with an under-constrained base point. Because this gadget enforces the diversified-address-integrity condition of the Orcha...

9.3CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/07/06 9:37 a.m.12 views

PYSEC-2026-1024 TensorFlow vulnerable to `CHECK` fail in `tf.sparse.cross`

Impact If tf.sparse.cross receives an input separator that is not a scalar, it gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf tf.sparse.crossinputs=,name='a',separator=tf.constant'a', 'b',dtype=tf.string Patches We have patched the issue ...

5.9CVSS5.9AI score0.00405EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1002 Missing validation crashes `QuantizeAndDequantizeV4Grad`

Impact The implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV4Grad gradients=tf.constant1,...

5.5CVSS5.9AI score0.0034EPSS
Exploits1References11
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:12 a.m.4 views

bpf: Fix NULL deref in map_kptr_match_type for scalar regs

...

5.5CVSS6.1AI score0.00122EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:58 p.m.7 views

CVE-2026-10512

The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...

2.3CVSS5.9AI score0.00263EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38900

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...

5.7AI score0.00122EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 5:17 p.m.10 views

CVE-2026-53090

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS0.00124EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 5:17 p.m.11 views

CVE-2026-53081

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS0.00116EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 4:30 p.m.10 views

EUVD-2026-38958

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

5.8AI score0.00124EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:30 p.m.2 views

CVE-2026-53090 bpf: Fix ld_{abs,ind} failure path analysis in subprogs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.12 views

CVE-2026-53081

The CVE-2026-53081 issue affects the Linux kernel BPF verifier: when two scalar registers carry BPF_ADD_CONST, id mapping could become inconsistent because the compound id (base | ADD_CONST) was mapped without validating the underlying base IDs. This could allow two verifier states where one deri...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53081 bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References10
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53032

The CVE-2026-53032 issue affects the Linux kernel's BPF subsystem, specifically the map_kptr_match_type function. A scalar register stored into a kptr can trigger a NULL dereference when the code branches on btf_is_kernel(reg->btf) before verifying base_type(), since such registers have no BTF...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53032 bpf: Fix NULL deref in map_kptr_match_type for scalar regs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the map kptr match type function when handling scalar registers. This happens because the function calls btf is kernel before verifying the base type...

6.7CVSS5.9AI score0.00122EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.19 views

CVE-2026-7567

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybelogintemporaryuser function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before...

9.8CVSS5.4AI score0.09246EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.24 views

PT-2026-43166

Name of the Vulnerable Software and Affected Versions Archive::Tar versions prior to 3.10 Description Archive::Tar for Perl allows memory exhaustion when processing a tar header with an attacker-controlled entry size field. The read tar function reads each entry's payload using $handle-read$$data...

7.5CVSS5.4AI score0.00437EPSS
Exploits0References17
Rows per page
Query Builder