Lucene search
K

463 matches found

Github Security Blog
Github Security Blog
added 2023/03/24 9:58 p.m.29 views

TensorFlow vulnerable to integer overflow in EditDistance

Impact TFversion 2.11.0 //tensorflow/core/ops/arrayops.cc:1067 const Tensor hypothesisshapet = c-inputtensor2; std::vector dimshypothesisshapet-NumElements - 1; for int i = 0; i MakeDimstd::maxhvaluesi, tvaluesi; if hypothesisshapet is empty, hypothesisshapet-NumElements - 1 will be integer...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:58 p.m.31 views

TensorFlow has Null Pointer Error in TensorArrayConcatV2

Impact When ctx-stepcontainter is a null ptr, the Lookup function will be executed with a null pointer. python import tensorflow as tf tf.rawops.TensorArrayConcatV2handle='a', 'b', flowin = 0.1, dtype=tf.int32, elementshapeexcept0=1 Patches We have patched the issue in GitHub commit...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:58 p.m.28 views

TensorFlow has Heap-buffer-overflow in AvgPoolGrad

Impact python import os os.environ'TFENABLEONEDNNOPTS' = '0' import tensorflow as tf printtf.version with tf.device"CPU": ksize = 1, 40, 128, 1 strides = 1, 128, 128, 30 padding = "SAME" dataformat = "NHWC" originputshape = 11, 9, 78, 9 grad = tf.saturatecasttf.random.uniform16, 16, 16, 16,...

9.8CVSS9AI score0.00415EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2023/03/24 9:57 p.m.28 views

TensorFlow has Null Pointer Error in SparseSparseMaximum

Impact When SparseSparseMaximum is given invalid sparse tensors as inputs, it can give an NPE. python import tensorflow as tf tf.rawops.SparseSparseMaximum aindices=1, avalues = 0.1 , ashape = 2, bindices=, bvalues =2 , bshape = 2, Patches We have patched the issue in GitHub commit...

7.5CVSS7.3AI score0.00439EPSS
Exploits1References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:57 p.m.27 views

TensorFlow has Floating Point Exception in AudioSpectrogram

Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...

7.5CVSS7.2AI score0.00383EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:57 p.m.33 views

TensorFlow vulnerable to segfault when opening multiframe gif

Impact Integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...

7.5CVSS7.4AI score0.00305EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2023/03/24 9:57 p.m.2 views

GHSA-FQM2-GH8W-GR68 TensorFlow vulnerable to segfault when opening multiframe gif

Impact Integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...

6.5CVSS6.6AI score0.00305EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/03/24 9:56 p.m.32 views

TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

Impact If the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give an FPE. python import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y = tf.rawops.AvgPoolGradoriginputshape=1,0,0,0, grad=0.39117979, ksize=1,0,0,0, strides=1,0,0,0,...

7.5CVSS7.3AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:55 p.m.24 views

TensorFlow has segmentation fault in tfg-translate

Impact Out-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic...

7.5CVSS7.2AI score0.00516EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2023/03/24 9:54 p.m.24 views

TensorFlow has Null Pointer Error in LookupTableImportV2

Impact The function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. python import tensorflow as tf v = tf.Variable1 @tf.functionjitcompile=True def test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...

7.5CVSS7.3AI score0.00358EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:54 p.m.25 views

TensorFlow has Floating Point Exception in TensorListSplit with XLA

Impact FPE in TensorListSplit with XLA python import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def fuzzjit: y = funcpara return y printfuzzjit Patches We have patched the issue in GitHub commit...

7.5CVSS7.3AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:54 p.m.20 views

TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

Impact NPE in RandomShuffle with XLA enable python import tensorflow as tf func = tf.rawops.RandomShuffle para = 'value': 1e+20, 'seed': -4294967297, 'seed2': -2147483649 @tf.functionjitcompile=True def test: y = funcpara return y test Patches We have patched the issue in GitHub commit...

7.5CVSS7.3AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:54 p.m.29 views

TensorFlow has Segfault in Bincount with XLA

Impact When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. python import tensorflow as tf func = tf.rawops.Bincount para='arr': 6, 'size': 804, 'weights': 52, 351 @tf.functionjitcompile=True def...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:54 p.m.30 views

TensorFlow has null dereference on ParallelConcat with XLA

Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:53 p.m.31 views

TensorFlow has double free in Fractional(Max/Avg)Pool

Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...

8CVSS7.3AI score0.00148EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:53 p.m.34 views

TensorFlow has Floating Point Exception in TFLite in conv kernel

Impact Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. Patches We have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa. The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. Fo...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2023/03/24 9:53 p.m.21 views

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

Impact Out of bounds read in GRUBlockCellGrad python func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3...

7.5CVSS7.2AI score0.00383EPSS
Exploits0References4Affected Software3
Vulnrichment
Vulnrichment
added 2023/01/05 12:0 a.m.14 views

CVE-2023-22622

WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...

5.6AI score0.01659EPSS
Exploits1References7
CVE
CVE
added 2023/01/05 12:0 a.m.288 views

CVE-2023-22622

CVE-2023-22622 concerns WordPress up to version 6.1.1 where wp-cron.php execution depends on unpredictable client visits, potentially delaying critical security updates. The underlying cause is described as a scenario where a site may not receive enough visits to run scheduled tasks timely. Docum...

5.3CVSS5.5AI score0.01659EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2022/11/22 12:10 a.m.32 views

Tensorflow vulnerable to Out-of-Bounds Read

Impact When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs. python tf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 Patches We have...

9.1CVSS8.8AI score0.0038EPSS
Exploits1References5Affected Software3
Rows per page
Query Builder