MALICIOUS USER CAN CALL THE FlywheelBribeRewards.setRewardsDepot() FUNCTION INDEFINITELY TO PUSH ethereum INTO STATE BLOAT

Lines of code Vulnerability details Impact The FlywheelBribeRewards.setRewardsDepot function is an external permissionless function. Any malicious user can create as many ERC20 compatible contracts as possible and can call this function to set themselves as strategies in the...

TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`

Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...

CVE-2022-35965 Segfault in `LowerBound` and `UpperBound` in TensorFlow

TensorFlow is an open source platform for machine learning. If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A code issue vulnerability exists in Google TensorFlow, which stems from the fact that if an empty sortedinputs input is provided for a LowerBound or UpperBound, it can cause nullptr dereference, an...

Heap OOB in `UpperBound` and `LowerBound`

Impact An attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound: python import tensorflow as tf tf.rawops.UpperBound sortedinput=1,2,3, values=tf.constantvalue=0,0,0,1,1,1,2,2,2,dtype=tf.int64, outtype=tf.int64 The...

Google TensorFlow "tf.raw_ops.UpperBound" Information Disclosure Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow "tf.rawops.UpperBound". An attacker could exploit this vulnerability to read data from outside the boundaries of the heap allocation data and use this information to laun...

PYSEC-2021-292

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

PYSEC-2021-781

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

CVE-2021-37670 Heap OOB in `UpperBound` and `LowerBound` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...