58 matches found
GHSA-RWW7-2GPW-FV6J Crash when type cannot be specialized in Tensorflow
Impact Under certain scenarios, TensorFlow can fail to specialize a type during shape inference: cc void InferenceContext::PreInputInit const OpDef& opdef, const std::vector& inputtensors, const std::vector& inputtensorsasshapes const auto ret = fulltype::SpecializeTypeattrs, opdef;...
Crash when type cannot be specialized in Tensorflow
Impact Under certain scenarios, TensorFlow can fail to specialize a type during shape inference: cc void InferenceContext::PreInputInit const OpDef& opdef, const std::vector& inputtensors, const std::vector& inputtensorsasshapes const auto ret = fulltype::SpecializeTypeattrs, opdef;...
PYSEC-2022-136
Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...
CVE-2022-23572 Crash when type cannot be specialized in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...
Google TensorFlow 代码问题漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...
CVE-2022-22851
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...
CVE-2022-22851
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...
CVE-2022-22851
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...
Cross site scripting
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...
CVE-2022-22851
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php...
Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞
Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Records A cross-site scripting vulnerability exists in v1.0 of the Management System...
The New Frontier of Enterprise Risk: Nth Parties
By Ran Nahmias, Co-Founder and CBO, Cyberpion The concept of risk in enterprise IT is constantly evolving. And considering recent findings, it’s clear that there’s a risk frontier that’s been underestimated – Nth party risk. Traditional enterprise risk management has focused on two domains:...
OSV-2020-1429 Segv on unknown address in clang::OverloadExpr::find
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19972 Crash type: Segv on unknown address Crash state: clang::OverloadExpr::find clang::Sema::ResolveAndFixSingleFunctionTemplateSpecialization clang::Sema::CheckPlaceholderExpr...
PT-2020-18294 · Phpgurukul · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns multiple reflected XSS vulnerabilities. These can be triggered via the searchdata or Doctorspecialization parameter. Recommendations: For PHPGurukul...
Let’s Continue the Skills Gap Conversation
Most analysis is that the cybersecurity skills gap or shortage is getting worse. ESG reported in CSOOnline that 2018 had the highest levels, at 51%, where organizations "claimed their organization had a problematic shortage of cybersecurity skills." It’s a complex problem, but I believe with...
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for let i = 0; i ; 100; i++ switch i case 2: case 4: case 6: case 8: case 10: case 12: case 14: case...
Dan Geer, Richard Thieme on specialization in security
Two elders of information security came to Source Boston 2013 Wednesday morning to encourage the next generation to grab the torch from them and to urge great caution in diving too deeply into specialization. Heavy thinkers Dan Geer and Richard Thieme said that the industry is closing in on an en...
Alliance Issues Guidance for Cloud-Based SIEM Services
The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service SecaaS specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy...