7035 matches found
Integer overflow in TensorFlow
ImpactUnder certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. PatchesWe have patched the issue in GitHub commit...
Out of bounds read in Tensorflow
Impact The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses:pythonimport tensorflow as [email protected] test: y = tf.rawops.Dequantize input=tf.constant1,1,dtype=tf.qint32, minrange=1.0, maxrange=10.0, mode='MINCOMBINED', narrowrange=Fals...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0 corresponds with OpenCV-Python version 4.1.2.30. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code...
Out-of-bounds Write in OpenCV.
In OpenCV 3.3.1 corresponding with OpenCV-Python 3.3.1.11, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmtjpeg2000.cpp when parsing a crafted image file...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0 corresponds with OpenCV-Python version 4.1.2.30. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0 corresponds with OpenCV-Python 4.1.0.25. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0 corresponds with OpenCV-Python 4.1.0.25. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An...
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow
ImpactThe Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a SavedModel such that IsSimplifiableReshape would trigger CHECK failures. PatchesWe have patched the issue in GitHub commits ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1,...
Abort caused by allocating a vector that is too large in Tensorflow
ImpactDuring shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user:cc const auto numdims = Valueshapedim; std::vector dims; dims.reservenumdims; Patches We have patched the issue in GitHub commit 1361fb7e29449629e1df94d44e0427ebec8c83c7.The...
Integer overflow in Tensorflow
Impact The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness:pythonimport tensorflow as tfinput = tf.constant1,1,[email protected] test: y = tf.rawops.Dequantize input=input, minrange=1.0, maxrange=10.0, mode='MINCOMBINED',...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0 corresponds with OpenCV-Python version 4.1.2.30. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code...
Out-of-bounds Write in OpenCV
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android...
Out-of-bounds Write in OpenCV
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android...
Out-of-bounds Read in OpenCV
OpenCV 4.1.1 has an out-of-bounds read in halbaseline::vload in core/hal/intrinsse.hpp when called from computeSSDMeanNorm in modules/video/src/disflow.cpp...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0 corresponds with OpenCV-Python 4.1.0.25. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An...
Out-of-bounds Read in OpenCV
An out-of-bounds read was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.0.25. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading...
Out-of-bounds Read in OpenCV
OpenCV 4.1.1 has an out-of-bounds read in halbaseline::vload in core/hal/intrinsse.hpp when called from computeSSDMeanNorm in modules/video/src/disflow.cpp...
Out-of-bounds Read in OpenCV
OpenCV 4.1.1 has an out-of-bounds read in halbaseline::vload in core/hal/intrinsse.hpp when called from computeSSDMeanNorm in modules/video/src/disflow.cpp...
Out-of-bounds Read in OpenCV
An out-of-bounds read was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.0.25. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading...
Out-of-bounds Read in OpenCV
An out-of-bounds read was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.0.25. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading...
Out-of-bounds Write in OpenCV
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android...
Out-of-bounds Read and Out-of-bounds Write in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
Out-of-bounds Read and Out-of-bounds Write in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
Out-of-bounds Read in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
NULL Pointer Dereference in OpenCV.
An issue was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.1.26. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
Out-of-bounds Read and Out-of-bounds Write in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
NULL Pointer Dereference in OpenCV.
An issue was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.1.26. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
NULL Pointer Dereference in OpenCV.
An issue was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.1.26. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
Divide By Zero in OpenCV.
An issue was discovered in OpenCV 4.1.0 OpenCV-Python 4.1.0.25. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp...
Divide By Zero in OpenCV.
An issue was discovered in OpenCV 4.1.0 OpenCV-Python 4.1.0.25. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp...
Divide By Zero in OpenCV.
An issue was discovered in OpenCV 4.1.0 OpenCV-Python 4.1.0.25. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp...
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
In modules/imgcodecs/src/grfmtpxm.cpp, the length of buffer AutoBuffer src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 corresponding to OpenCV-Python 3.3.0.9 and...
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
OpenCV 3.3.1 corresponding with opencv-python and opencv-contrib-python 3.3.1.11 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmtpxm.cpp, because an incorrect size value is used...
Integer Overflow or Wraparound in OpenCV
In opencv/modules/imgcodecs/src/grfmtpxm.cpp, function PxMDecoder::readData has an integer overflow when calculate srcpitch. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 corresponding to OpenCV-Python 3.3.0.9 and earlier...
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library 3.3 corresponding to OpenCV-Python 3.3.0.9 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597...
Integer Overflow or Wraparound in OpenCV
In opencv/modules/imgcodecs/src/grfmtpxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 corresponding with OpenCV-Python version 3.3.0.9 and...
Reachable Assertion in OpenCV.
In OpenCV 3.3.1 corresponds with OpenCV-Python 3.3.1.11, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast...
Out-of-bounds Read in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
Out-of-bounds Read in OpenCV
In OpenCV 3.3.1 corresponding with OpenCV-Python 3.3.1.11, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmthdr.cpp...
Out-of-bounds Read in OpenCV
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1 OpenCV-Python before 3.4.7.28 and 4.x before 4.1.1.26. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
Integer Overflow or Wraparound in OpenCV.
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 corresponding with OpenCV-Python 3.3.0....
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python and OpenCV-Contrib-Python 3.3.0.9 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread...
Out-of-bounds Read in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has an out-of-bounds read error in the function icvCvtBGRA2BGR8uC4C3R when reading an image file by using cv::imread...
Denial of Service in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has a denial of service memory consumption issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case...
Denial of Service in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has a denial of service CPU consumption issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case...
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to opencv-python and opencv-contrib-python through 3.3.0.9 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread...
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy...
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python and OpenCV-Contrib-Python 3.3.0.9 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread...
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python and OpenCV-Contrib-Python 3.3.0.9 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread...
Out-of-bounds Write in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python and OpenCV-Contrib-Python 3.3.0.9 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the...