May

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue occurs when performing the inference shape operation of the Tile operator. If the input data type is not int or int32, it will access data outside of the bounds of heap allocated buffers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue occurs when performing inference shape operations on certain operators, including Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather. If the input shape size is 0, it can lead to accessing data outside the bounds of the allocated shape from heap buffers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue arises during the inference shape operation of the Transpose operator. If the value in the `perm` element is greater than or equal to the size of the `input shape`, it will access data outside the bounds of `input shape`, which is allocated from heap buffers. This is a buffer overflow issue that can potentially lead to data corruption or other security problems. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue arises when performing the inference shape operation of the SparseToDense operator with less than three inputs, causing it to access data outside the bounds of inputs allocated from heap buffers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TensorFlow (affected versions not specified) **Description** The issue arises when the DepthwiseConv2D operator is used with its `depth multiplier` attribute set to 0. This configuration leads to a division by 0 exception during the analytical operation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue occurs when the Reduce operator run operation is executed and there is a value of 0 in the parameter `axis sizes` element, causing a division by 0 exception. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TensorFlow versions (affected versions not specified) **Description** The issue arises when the SpaceToBatch operator performs the derivation shape operation and encounters a value of 0 in the `block shape` element, leading to a division by 0 exception. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue occurs when performing the initialization operation of the Split operator. If a dimension in the input shape is 0, it will cause a division by 0 exception. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.