Google TensorFlow up to 2.3.3/2.4.2/2.5.0 tf.raw_ops.Map/tf.raw_ops.OrderedMap null pointer dereference

A vulnerability has been found in Google TensorFlow up to 2.3.3/2.4.2/2.5.0 (Artificial Intelligence Software) and classified as problematic. Affected by this vulnerability is the function tf.raw_ops.Map/tf.raw_ops.OrderedMap. Upgrading to version 2.3.4, 2.4.3, 2.5.1 or 2.6.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-37079 : VMWARE VCENTER SERVER/CLOUD FOUNDATION DCERPC HEP-BASED OVERFLOW

CVE-2024-37079 : VMWARE VCENTER SERVER/CLOUD FOUNDATION DCERPC HEP-BASED OVERFLOW

Description vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access

CVE-2024-5469 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.10.5/16.11.2 KAS RESOURCE CONSUMPTION

CVE-2024-5469 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.10.5/16.11.2 KAS RESOURCE CONSUMPTION

Description DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3

CVE-2024-27172 : TOSHIBA TEC E-STUDIO MULTI-FUNCTION PERIPHERAL OS COMMAND INJECTION

CVE-2024-27172 : TOSHIBA TEC E-STUDIO MULTI-FUNCTION PERIPHERAL OS COMMAND INJECTION

Description Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference