1887 matches found
CVE-2020-15213 Denial of service in tensorflow-lite
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...
CVE-2020-15213
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...
CVE-2020-15214
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...
CVE-2020-15214
CVE-2020-15214 affects TensorFlow Lite prior to 2.2.1 and 2.3.1. A write-out-of-bounds can occur when segment IDs are not sorted in segment_sum, due to memory allocation based on the last segment-id element, causing segmentation faults and potential memory corruption. The issue is patched in comm...
GHSA-HX2X-85GR-WRPQ Out of bounds access in tensorflow-lite
Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...
Out of bounds access in tensorflow-lite
Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...
GHSA-P2CQ-CPRG-FRVM Out of bounds write in tensorflow-lite
Impact In TensorFlow Lite models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor:...
GHSA-HJMQ-236J-8M87 Denial of service in tensorflow-lite
Impact In TensorFlow Lite models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very...
PT-2020-14284 · Google · Tensorflow Lite
Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows attackers to trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. This is possib...
PT-2020-14283 · Google · Tensorflow Lite
Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows models using segment sum to trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment...
PT-2020-14285 · Google · Tensorflow Lite
Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue arises when models using segment sum have unsorted segment ids, causing the code to assume they are in increasing order. This leads to...
Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
Description: Versions of tcpdump before 4.9.2 are vulnerable to a buffer over-read in print-icmp6.c. This vulnerability was disclosed to the tcpdump maintainers and was recently patched in version 4.9.2 and disclosed as CVE-2017-13041. Patch:...
The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation Foundation software allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...
The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access...
OSV-2020-1377 Segv on unknown address in slice_segment_header::operator=
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22924 Crash type: Segv on unknown address Crash state: slicesegmentheader::operator= slicesegmentheader::read decodercontext::readsliceNAL...
Unspecified Vulnerability in Oracle Customer Management and Segmentation Foundation (CNVD-2020-44080)
Oracle Customer Management and Segmentation Foundation is a retail customer management product. A security vulnerability exists in the Segment component of Oracle Customer Management and Segmentation Foundation. An attacker could exploit the vulnerability to compromise integrity...
CVE-2020-14708
Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Segment. Supported versions that are affected are 16.0, 17.0 and 18.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Buffer overflow
Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate component: Process Management. The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the...
The vulnerability of the `remove_dirty_segment()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the removedirtysegment function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
cxf: reflected XSS in the services listing page
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploit...