CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

CVE-2026-0137

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

CVE-2026-0150

CVE-2026-0150 affects EdgeTPU firmware, specifically the ExecuteGraph command handler. The issue is a possible out-of-bounds write caused by an integer overflow, enabling local escalation of privilege with root privileges required. Exploitation does not require user interaction. The available con...

PT-2026-49796

In edgetpu sync fence group shutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-467353904

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Google Pixel Security Breach

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that originates in the component TPU and could lead to elevated privileges...

CVE-2024-32914

In tpugetintstate of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32914

CVE-2024-32914 affects the tpu_get_int_state function in tpu.c, enabling local information disclosure due to uninitialized data. The impact is information disclosure without additional execution privileges and without user interaction. Documented in multiple sources (NVD/Red Hat/NVD and Android P...

PT-2024-24968 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible information disclosure due to uninitialized data in the tpu get int state function of tpu.c. This could lead to local...

huntsman-tpu.com Cross Site Scripting vulnerability OBB-3856808

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails

Google has revealed a new multilingual text vectorizer called RETVec short for Resilient and Efficient Text Vectorizer to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertio...

Authentication flaw

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

CVE-2023-36669

CVE-2023-36669 (Kratos NGC IDU) affects Kratos NGC Indoor Unit prior to 11.4, where missing authentication for a critical function allows remote attackers with layer-3 network access to impersonate the Touch Panel Unit (TPU) by sending crafted TCP requests, granting arbitrary control of the IDU/O...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by unknown CVE via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-MW6J-HH29-H379...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by unknown CVE via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-MW6J-HH29-H3...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29216 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29216 Source advisory: OSV:GHSA-75C9-JRH4-79MC...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29213 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29213 Source advisory:...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29213 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29213 Source advisory: OSV:GHSA-5889-7V45-Q28M...