Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow that stems from TensorListScatter and TensorListScatterV2 failing to give an assertion when they receive an elementsha...

EulerOS 2.0 SP9 : harfbuzz (EulerOS-SA-2022-2319)

According to the versions of the harfbuzz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS via...

The vulnerability of the hb-ot-shape-fallback.cc component in the Harfbuzz text transformation library, which allows a hacker to trigger a service failure.

The vulnerability of the hb-ot-shape-fallback.cc component in the Harfbuzz text transformation library is related to a numerical overflow in the hb-ot-shape-fallback.cc file. Exploiting this vulnerability could allow an attacker to cause a service failure by sending specially crafted data to the...

ROS-20220721-02

A vulnerability in the Harfbuzz text conversion library involves an integer overflow in the hb-ot-shape-fallback.cc file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause the applicatio...

OESA-2022-1777 harfbuzz security update

HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...

Huawei MindSpore Community numeric error vulnerability

Huawei MindSpore Community is an open source deep learning framework from Huawei China.A numerical error vulnerability exists in versions prior to Huawei MindSpore Community 1.3.0, which stems from the fact that when performing the initialization operation of the Split operator, if a dimension in...

Huawei MindSpore Community Concat Information Disclosure Vulnerability

Huawei MindSpore Community is an open source deep learning framework from Huawei, China. Huawei MindSpore Community suffers from an information disclosure vulnerability that stems from accessing a shape allocated from the heap buffer if the input shape size is 0 when performing inferred shape...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33647

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33653

When performing the derivation shape operation of the SpaceToBatch operator, if there is a value of 0 in the parameter blockshape element, it will cause a division by 0 exception...

CVE-2021-33648

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

CVE-2021-33647

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...

Out-of-bounds

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

Heap overflow

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

Heap overflow

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33654

When performing the initialization operation of the Split operator, if a dimension in the input shape is 0, it will cause a division by 0 exception...

CVE-2021-33650

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers...