📄 Keras 3.13.0 Malicious ML Model Server HDF5 Shape Bomb

This script is a Flask-based web server that distributes .keras machine learning model files, but it is designed in a malicious way for security research/testing scenarios. The main idea is a denial of service via memory exhaustion, where generated Keras models contain artificially declared...

Keras 3.13.0 HDF5 Shape Fuzzing for Robustness Testing

This script performs fuzz testing against Keras version 3.13.0 on randomly generated tensor shapes using NumPy and HDF5 to evaluate stability and error handling in file creation workflows...

Keras 3.13.0 Bulk Generator for Large-Scale HDF5 Shape Test Models

This script is a parallel batch generator designed to create multiple .keras model files using a thread pool. Each file is generated with a predefined set of large tensor shapes intended for stress testing or memory-impact evaluation in HDF5/Keras workflows...

EUVD-2026-24620

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of memory copy sizes, which could lead t...

PT-2026-34258

CVE-2026-41664 Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prio… https://t.co/2SA7cFRHKO...

CVE-2025-65886

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

CVE-2025-65886

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

CVE-2025-65886

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

EUVD-2025-206484

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

Oneflow security vulnerabilities

Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability, which stems from a shape mismatch issue. This vulnerability could lead to denial-of-service attacks using specially crafted tensor shapes...

PT-2026-5136

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

CVE-2025-65886

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

CVE-2025-65886

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...

CVE-2025-65886

CVE-2025-65886 describes a shape-mismatch vulnerability in OneFlow v0.9.0 that allows attackers to cause a Denial of Service (DoS) by supplying crafted tensor shapes. The CVSS 3.1 vector indicates network attack vector, no privileges/UI, with high impact on availability. Connected sources (RH, NV...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. Building invalid/overflowing tensor shapes leads to CHECK-fails, causing an application crash...

CVE-2022-23568 Integer overflows in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...