Lucene search
K

1887 matches found

Cvelist
Cvelist
added 2020/09/25 6:50 p.m.28 views

CVE-2020-15213 Denial of service in tensorflow-lite

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4CVSS4AI score0.00632EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2020/09/25 6:50 p.m.3 views

CVE-2020-15213

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS6.8AI score0.00632EPSS
Exploits1
Debian CVE
Debian CVE
added 2020/09/25 6:50 p.m.3 views

CVE-2020-15214

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS7AI score0.00556EPSS
Exploits1
CVE
CVE
added 2020/09/25 6:50 p.m.89 views

CVE-2020-15214

CVE-2020-15214 affects TensorFlow Lite prior to 2.2.1 and 2.3.1. A write-out-of-bounds can occur when segment IDs are not sorted in segment_sum, due to memory allocation based on the last segment-id element, causing segmentation faults and potential memory corruption. The issue is patched in comm...

8.1CVSS7.8AI score0.00556EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2020/09/25 6:29 p.m.1 views

GHSA-HX2X-85GR-WRPQ Out of bounds access in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...

9.1CVSS6.9AI score0.0061EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2020/09/25 6:29 p.m.62 views

Out of bounds access in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...

8.6CVSS0.8AI score0.0061EPSS
Exploits1References11Affected Software3
OSV
OSV
added 2020/09/25 6:28 p.m.3 views

GHSA-P2CQ-CPRG-FRVM Out of bounds write in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor:...

9.1CVSS5.8AI score0.00556EPSS
Exploits1References12
OSV
OSV
added 2020/09/25 6:28 p.m.8 views

GHSA-HJMQ-236J-8M87 Denial of service in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very...

6.3CVSS5.8AI score0.00632EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.1 views

PT-2020-14284 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows attackers to trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. This is possib...

6.3CVSS4.1AI score0.00632EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.2 views

PT-2020-14283 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows models using segment sum to trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment...

9.1CVSS8.7AI score0.0061EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.6 views

PT-2020-14285 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue arises when models using segment sum have unsorted segment ids, causing the code to assume they are in increasing order. This leads to...

9.1CVSS7.9AI score0.00556EPSS
Exploits1References18
Hacker One
Hacker One
added 2020/08/22 6:12 a.m.44 views

Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().

Description: Versions of tcpdump before 4.9.2 are vulnerable to a buffer over-read in print-icmp6.c. This vulnerability was disclosed to the tcpdump maintainers and was recently patched in version 4.9.2 and disclosed as CVE-2017-13041. Patch:...

7.5CVSS9.3AI score0.04598EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.6 views

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation Foundation software allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...

4.3CVSS6.4AI score0.00812EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.9 views

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access...

5.5CVSS6.6AI score0.00799EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/07/28 12:0 a.m.6 views

OSV-2020-1377 Segv on unknown address in slice_segment_header::operator=

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22924 Crash type: Segv on unknown address Crash state: slicesegmentheader::operator= slicesegmentheader::read decodercontext::readsliceNAL...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/07/16 12:0 a.m.2 views

Unspecified Vulnerability in Oracle Customer Management and Segmentation Foundation (CNVD-2020-44080)

Oracle Customer Management and Segmentation Foundation is a retail customer management product. A security vulnerability exists in the Segment component of Oracle Customer Management and Segmentation Foundation. An attacker could exploit the vulnerability to compromise integrity...

4.3CVSS9AI score0.00812EPSS
Exploits0References1
OSV
OSV
added 2020/07/15 6:15 p.m.2 views

CVE-2020-14708

Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Segment. Supported versions that are affected are 16.0, 17.0 and 18.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

4.3CVSS7.3AI score0.00812EPSS
Exploits0References1
Prion
Prion
added 2020/07/15 6:15 p.m.14 views

Buffer overflow

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate component: Process Management. The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the...

5.8CVSS9AI score0.01864EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.6 views

The vulnerability of the `remove_dirty_segment()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the removedirtysegment function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS6.5AI score0.01892EPSS
Exploits0References26Affected Software2
RedHat Linux
RedHat Linux
added 2020/06/11 9:11 a.m.9 views

cxf: reflected XSS in the services listing page

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploit...

6.1CVSS7.2AI score0.07055EPSS
Exploits0References4
Rows per page
Query Builder