Browse All

TensorFlow, an open source platform for machine learning, has a vulnerability in its `Split` operator for TFLite (TensorFlow Lite, a lightweight version for mobile devices) that causes a division by zero error (a crash that happens when code tries to divide a number by zero). An attacker can create a malicious model that sets `num_splits` to 0, triggering this crash.

TensorFlow, an open-source machine learning platform, has a vulnerability in its SVDF TFLite operator (a component that performs specific neural network calculations on mobile devices) where an attacker can craft a malicious model that causes a division by zero error (attempting to divide a number by zero, which crashes the program). This happens when a parameter called `params->rank` is set to 0.

TensorFlow, an open-source machine learning platform, has a vulnerability in its `SpaceToBatchNd` operator (a function that rearranges data in neural network models) that can be triggered by a division by zero error (when code tries to divide a number by zero, crashing the system). An attacker can create a malicious model that causes this crash by setting one dimension of the block input to 0.

TensorFlow, an open source machine learning platform, has a vulnerability in its `EmbeddingLookup` operator that can cause a division by zero error (a crash caused by trying to divide by zero). An attacker could craft a malicious model with a specific input dimension set to 0 to trigger this crash.

TensorFlow, an open source machine learning platform, has a vulnerability in its `DepthToSpace` TFLite operator (a component that processes neural network data in a specific format called TensorFlow Lite). An attacker can create a malicious model that causes a division by zero error (when code tries to divide a number by zero, crashing the system), potentially allowing them to disrupt or crash applications using this operator.

TensorFlow's TFLite (a lightweight version of the machine learning platform) has a bug in its convolution code (math operations that process image data) where user-controlled values can be used as divisors without checking if they're zero, which could cause crashes or unexpected behavior. This happens because division by zero is not prevented in the code.

TensorFlow, a platform for building machine learning models, has a vulnerability in its `BatchToSpaceNd` operator (a function that reshapes data), which can crash when an attacker provides specially crafted input that causes a division by zero error (attempting to divide by zero, which is mathematically impossible). An attacker could exploit this to cause the software to malfunction.

TensorFlow (an open source machine learning platform) has a vulnerability in its `Minimum` and `Maximum` operators that can allow reading data outside the bounds of allocated memory if one of the input tensors is empty, because the broadcasting implementation (the process of making tensors compatible for operations) doesn't check whether array indexes are valid. This is a memory access bug that could expose sensitive data.

TensorFlow, an open source machine learning platform, has a vulnerability in its GatherNd operator (a function that gathers data from a tensor, or multi-dimensional array) where an attacker can cause a division by zero error (a crash caused by dividing by zero) by crafting a malicious model with an empty input. This could allow an attacker to crash or disrupt applications using this operator.

TensorFlow, an open source machine learning platform, has a vulnerability in its `TransposeConv` operator (a neural network layer that reshapes data) where a division by zero error can occur if an attacker creates a malicious model with stride values set to 0. This bug could cause the software to crash or behave unexpectedly when processing such a model.

TensorFlow, an open-source machine learning platform, has a vulnerability in its `SpaceToDepth` operator (a tool that rearranges data in neural networks) where the code doesn't check if a value called `block_size` is zero before dividing by it, which could cause a crash. An attacker could create a malicious model that sets `block_size` to zero to trigger this division-by-zero error.

TensorFlow's pooling code (the part that downsamples data in neural networks) has a bug where it doesn't check if stride values, which control how much data to skip, are zero before doing math with them. An attacker can create a special machine learning model that forces stride to be zero, causing a division by zero error (dividing by zero, which crashes programs) that could crash or be exploited.

TensorFlow, a popular machine learning platform, has a bug in TFLite (TensorFlow Lite, a lightweight version for mobile and embedded devices) where a function called `ComputeOutSize` divides by a `stride` parameter without checking if it's zero first. An attacker could create a specially crafted model that triggers this division-by-zero error, potentially crashing the application.

TensorFlow (a machine learning platform) has a vulnerability where an attacker can crash the system by triggering an integer overflow (when a number becomes too large for the system to handle) in the code that creates tensor shapes (multi-dimensional arrays). The problem occurs because the code doesn't check if dimension calculations will overflow before creating a new tensor shape.

TensorFlow's `tf.raw_ops.FusedBatchNorm` function has a vulnerability where it doesn't properly check that certain input values (scale, offset, mean, and variance) match the size of the data being processed, which can cause a heap buffer overflow (reading data beyond allocated memory boundaries) or crash the program by accessing null pointers if empty tensors are provided.

TensorFlow, a popular machine learning platform, has a vulnerability in its `Dequantize` operation where the code doesn't check that two input values (called `min_range` and `max_range` tensors, which are multi-dimensional arrays of data) have matching dimensions before using them together, allowing an attacker to read memory from outside the intended area. This is a type of memory safety bug that could let attackers access sensitive data or crash the system.

TensorFlow, a machine learning platform, has a vulnerability in one of its functions (`tf.raw_ops.CTCBeamSearchDecoder`) that fails to check if input data is empty before processing it. When an attacker provides empty input, the software crashes (segmentation fault, which is when a program tries to read from memory it shouldn't access), causing a denial of service (making the system unavailable).

TensorFlow, an open source machine learning platform, has a vulnerability in the `tf.raw_ops.FractionalMaxPoolGrad` function that can crash the program when given empty input tensors (arrays of data with no elements). The bug occurs because the code doesn't properly check that input and output tensors are valid before processing them, which can be exploited to cause a denial of service attack (making the system unavailable).