Lucene search
K

1788 matches found

Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-55213 h2o: musl libc stack overflow (QPACK)

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-57321

Name of the Vulnerable Software and Affected Versions h2o versions prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1 Description When processing a QPACK instruction sent from a peer over HTTP/3, the server may allocate an on-stack buffer of approximately 800 KB using the alloca function in...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

PYSEC-2026-1859 Malciously crafted QPY files can allows Remote Attackers to Cause Denial of Service in Qiskit

Impact A maliciously crafted QPY file containing a malformed symengine serialization stream as part of the larger QPY serialization of a ParameterExpression object can cause a segfault within the symengine library, allowing an attacker to terminate the hosting process deserializing the QPY payloa...

8.6CVSS5.9AI score0.0066EPSS
Exploits0References7
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1962 TensorFlow has segfault in array_ops.upper_bound

Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

8.7CVSS5.9AI score0.00429EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 6 days ago4 views

CVE-2026-53877

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1963 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`

Impact When the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. python import tensorflow as tf tf.rawops.Printinput = tf.constant1, 1, 1, 1,dtype=tf.int32, data = False, False, False, False, False, False, False,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1961 TensorFlow vulnerable to segfault when opening multiframe gif

Impact Integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...

6.5CVSS6.7AI score0.00305EPSS
Exploits0References6
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1953 TensorFlow has segmentation fault in tfg-translate

Impact Out-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic...

7.5CVSS6.6AI score0.00516EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-967 TensorFlow has Segfault in Bincount with XLA

Impact When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. python import tensorflow as tf func = tf.rawops.Bincount para='arr': 6, 'size': 804, 'weights': 52, 351 @tf.functionjitcompile=True def...

7.5CVSS6.9AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1034 Segfault in `CompositeTensorVariantToComponents`

Impact An input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. python import tensorflow as tf encode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2 meta= ""...

4.8CVSS7.1AI score0.0049EPSS
Exploits1References8
OSV
OSV
added 6 days ago2 views

PYSEC-2026-1050 Segfault via invalid attributes in `pywrap_tfe_src.cc`

Impact If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes. python import numpy as np import...

5.5CVSS6AI score0.00404EPSS
Exploits1References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-957 Segfault in `tf.raw_ops.TensorListConcat`

Impact If tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack. python import tensorflow as tf tf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...

4.8CVSS7AI score0.0043EPSS
Exploits1References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-995 TensorFlow vulnerable to segfault in `QuantizedInstanceNorm`

Impact If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outputrangegiven = False givenymin = 0 givenymax = 0 varianceepsilon = 1e-05 minseparation = 0.001 x =...

5.9CVSS6.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-1038 TensorFlow vulnerable to segfault in `QuantizedRelu` and `QuantizedRelu6`

Impact If QuantizedRelu or QuantizedRelu6 are given nonscalar inputs for minfeatures or maxfeatures, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 features = tf.constant28, shape=4,2, dtype=tf.quint8 minfeatures...

5.9CVSS5.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 6 days ago2 views

PYSEC-2026-1039 TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange`

Impact If QuantizeDownAndShrinkRange is given nonscalar inputs for inputmin or inputmax, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32 inputmin = tf.constant,...

5.9CVSS5.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-948 TensorFlow vulnerable to segfault in `QuantizedBiasAdd`

Impact If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.qint32 input = tf.constant85,170,255, shape=3, dtype=tf.quint8 bias =...

5.9CVSS5.9AI score0.00409EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-959 TensorFlow vulnerable to segfault in `QuantizedMatMul`

Impact If QuantizedMatMul is given nonscalar input for: - mina - maxa - minb - maxb It gives a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 transposea = False transposeb = False Tactivation = tf.quint8 a = tf.constant7,...

5.9CVSS5.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-949 TensorFlow vulnerable to segfault in `QuantizedAvgPool`

Impact If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf ksize = 1, 2, 2, 1 strides = 1, 2, 2, 1 padding = "SAME" input = tf.constant1, shape=1,4,4,2,...

5.9CVSS5.9AI score0.00409EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

PYSEC-2026-1030 TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`

Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...

5.9CVSS5.9AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-988 TensorFlow vulnerable to segfault in `BlockLSTMGradV2`

Impact The implementation of BlockLSTMGradV2 does not fully validate its inputs. - wci, wcf, wco, b must be rank 1 - w, csprev, hprev must be rank 2 - x must be rank 3 This results in a a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf usepeephole =...

5.9CVSS5.9AI score0.00409EPSS
Exploits0References7
Rows per page
Query Builder