196 matches found
SUSE CVE-2021-37682
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
Invalid use of `mem::uninitialized` causes `use-of-uninitialized-value`
The compression and decompression function used mem:uninitialized to create an array of uninitialized values, to later write values into it. This later leads to reads from uninitialized memory. The flaw was corrected in commit b633bf265e41c60dfce3be7eac4e4dd5e18d06cf by using a heap-allocated Vec...
GHSA-5M39-WX2Q-MXG3 Invalid use of `mem::uninitialized` causes `use-of-uninitialized-value`
The compression and decompression function used mem:uninitialized to create an array of uninitialized values, to later write values into it. This later leads to reads from uninitialized memory. The flaw was corrected in commit b633bf265e41c60dfce3be7eac4e4dd5e18d06cf by using a heap-allocated Vec...
Google Golang 安全漏洞
Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...
DEBIAN-CVE-2018-25023
An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust smallvec crate prior to 0.6.13, which stems from the fact that it can create uninitialized values of any type, including reference types. No details of the...
Synchronet BBS 安全漏洞
Synchronet Bbs is a multi-user Bbs/Internet software from Synchronet, USA. A security vulnerability exists in the scanallsubs function of src/sbbs3/scansubs.cpp in Synchronet BBS, which can be exploited by an attacker to view sensitive information via uninitialized values...
PYSEC-2021-304
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
Design/Logic Flaw
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
PYSEC-2021-793
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
CVE-2021-37682
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
PYSEC-2021-595
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
PYSEC-2021-304
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
PYSEC-2021-793
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
PT-2021-21801 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: The issue affects all TFLite operations that use quantization, allowing them to...
Unspecified Vulnerability in Rust (CNVD-2021-38316)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rkyv crate versions prior to 0.6.0, which stems from the fact that when an archive is created via serialization, the contents of the archive may contain uninitialized valu...
CVE-2021-31919
An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct...
CVE-2021-31919
An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct...
Code injection
An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct...
CVE-2021-31919
The CVE-2021-31919 entry concerns the Rust rkyv crate before version 0.6.0. During serialization, an archive may contain uninitialized values for certain struct parts, potentially affecting the serialized data’s integrity and confidentiality. The core affected component is rkyv (Rust). Publicly d...