VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 116 of 124
  • CVE-2021-32629May 24, 2021
    risk 0.00cvss epss 0.00

    Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a…

  • CVE-2021-29590May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because…

  • CVE-2021-29606May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/li…

  • CVE-2021-29613May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2,…

  • CVE-2021-29559May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/472c1f12ad9063405737679d4f6…

  • CVE-2021-29560May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tens…

  • CVE-2021-29569May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow…

  • CVE-2021-29570May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow…

  • CVE-2021-29582May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.Dequantize`, an attacker can trigger a read from outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/26003593aa94…

  • CVE-2021-29583May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The…

  • CVE-2021-29532May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation(https://github.com/tensorflow/tens…

  • CVE-2021-29547May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the…

  • CVE-2021-29551May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240)…

  • CVE-2021-29553May 14, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7…

  • CVE-2021-29934Apr 1, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in PartialReader in the uu_od crate before 0.0.4 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation.

  • CVE-2021-25293Mar 19, 2021
    risk 0.00cvss epss 0.02

    An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

  • CVE-2021-25291Mar 19, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

  • CVE-2021-28308Mar 12, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in the fltk crate before 0.15.3 for Rust. There is an out-of bounds read because the pixmap constructor lacks pixmap input validation.

  • CVE-2021-26957Feb 9, 2021
    risk 0.00cvss epss 0.02

    An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server.

  • CVE-2021-25901Jan 22, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Lazy lacks a Send bound, leading to a data race.