Lucene search
K

58 matches found

OSV
OSV
added 2022/02/09 11:28 p.m.4 views

GHSA-RWW7-2GPW-FV6J Crash when type cannot be specialized in Tensorflow

Impact Under certain scenarios, TensorFlow can fail to specialize a type during shape inference: cc void InferenceContext::PreInputInit const OpDef& opdef, const std::vector& inputtensors, const std::vector& inputtensorsasshapes const auto ret = fulltype::SpecializeTypeattrs, opdef;...

7.1CVSS6.1AI score0.00992EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/02/09 11:28 p.m.25 views

Crash when type cannot be specialized in Tensorflow

Impact Under certain scenarios, TensorFlow can fail to specialize a type during shape inference: cc void InferenceContext::PreInputInit const OpDef& opdef, const std::vector& inputtensors, const std::vector& inputtensorsasshapes const auto ret = fulltype::SpecializeTypeattrs, opdef;...

6.5CVSS1.2AI score0.00992EPSS
Exploits1References7Affected Software3
OSV
OSV
added 2022/02/04 11:15 p.m.7 views

PYSEC-2022-136

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...

6.5CVSS6.8AI score0.00992EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.7 views

CVE-2022-23572 Crash when type cannot be specialized in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...

6.5CVSS6.5AI score0.00992EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...

6.5CVSS5.7AI score0.00992EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/01/26 4:15 p.m.6 views

CVE-2022-22851

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...

5.4CVSS6AI score0.00627EPSS
Exploits0References3
OSV
OSV
added 2022/01/26 4:15 p.m.8 views

CVE-2022-22851

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...

5.4CVSS6.1AI score0.00627EPSS
Exploits0References2
NVD
NVD
added 2022/01/26 4:15 p.m.23 views

CVE-2022-22851

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...

5.4CVSS0.00627EPSS
Exploits0References2
Prion
Prion
added 2022/01/26 4:15 p.m.16 views

Cross site scripting

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...

3.5CVSS5.3AI score0.00627EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/26 3:58 p.m.31 views

CVE-2022-22851

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...

5.4AI score0.00627EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.6 views

Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞

Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Records A cross-site scripting vulnerability exists in v1.0 of the Management System...

5.4CVSS5.6AI score0.00627EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/11/09 4:1 p.m.20 views

The New Frontier of Enterprise Risk: Nth Parties

By Ran Nahmias, Co-Founder and CBO, Cyberpion The concept of risk in enterprise IT is constantly evolving. And considering recent findings, it’s clear that there’s a risk frontier that’s been underestimated – Nth party risk. Traditional enterprise risk management has focused on two domains:...

7.4AI score
Exploits0References4
OSV
OSV
added 2020/07/28 12:0 a.m.5 views

OSV-2020-1429 Segv on unknown address in clang::OverloadExpr::find

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19972 Crash type: Segv on unknown address Crash state: clang::OverloadExpr::find clang::Sema::ResolveAndFixSingleFunctionTemplateSpecialization clang::Sema::CheckPlaceholderExpr...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/01/14 12:0 a.m.10 views

PT-2020-18294 · Phpgurukul · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns multiple reflected XSS vulnerabilities. These can be triggered via the searchdata or Doctorspecialization parameter. Recommendations: For PHPGurukul...

6.1CVSS6.1AI score0.00923EPSS
Exploits2References2
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/10/09 1:0 p.m.21 views

Let’s Continue the Skills Gap Conversation

Most analysis is that the cybersecurity skills gap or shortage is getting worse. ESG reported in CSOOnline that 2018 had the highest levels, at 51%, where organizations "claimed their organization had a problematic shortage of cybersecurity skills." It’s a complex problem, but I believe with...

7AI score
Exploits0
0day.today
0day.today
added 2017/11/16 12:0 a.m.64 views

Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for let i = 0; i ; 100; i++ switch i case 2: case 4: case 6: case 8: case 10: case 12: case 14: case...

7.6CVSS7.8AI score0.6546EPSS
Exploits4
ThreatPost
ThreatPost
added 2013/04/18 1:1 p.m.10 views

Dan Geer, Richard Thieme on specialization in security

Two elders of information security came to Source Boston 2013 Wednesday morning to encourage the next generation to grab the torch from them and to urge great caution in diving too deeply into specialization. Heavy thinkers Dan Geer and Richard Thieme said that the industry is closing in on an en...

0.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/10/30 12:41 a.m.8 views

Alliance Issues Guidance for Cloud-Based SIEM Services

The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service SecaaS specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy...

0.1AI score
Exploits0References3
Rows per page
Query Builder