Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-0333

Malware in sbrugna...

7.8CVSS7.5AI score0.00215EPSS
Exploits1References10
OSV
OSV
added 2024/03/06 11:18 a.m.42 views

BIT-TENSORFLOW-2021-29592 Null pointer dereference in TFLite's `Reshape` operator

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

7.8CVSS6.5AI score0.00215EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2021/05/21 2:26 p.m.45 views

Null pointer dereference in TFLite's `Reshape` operator

Impact The fix for CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability allowed passing a null-buffer-backed tensor with a 1D shape: cc if tensor-data.raw == nullptr && tensor-bytes 0 if...

7.8CVSS0.6AI score0.008EPSS
Exploits2References8Affected Software3
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-718

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

7.8CVSS6.9AI score0.008EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2021/05/14 8:15 p.m.17 views

Null pointer dereference

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

4.6CVSS5.8AI score0.008EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2021/05/14 8:15 p.m.22 views

PYSEC-2021-520

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

7.8CVSS6.5AI score0.00215EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.4 views

azureml-designer-recommender-modules (>=0.0.1 <=0.0.9), monk-cuda100 (=0.0.1) +9 more potentially affected by CVE-2020-15209 via tensorflow-gpu (>=2.0.0 <=2.0.1)

tensorflow-gpu PYPI version =2.0.0, =0.0.1, =0.0.9 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 - monk-cuda101-test =0.0.1 - monk-keras-cuda100 =0.0.1 - monk-keras-cuda100-test =0.0.1 - monk-keras-cuda101 =0.0.1 - monk-keras-cuda101-test =0.0.1 - monk-keras-cuda102 =0.0....

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

easyquake (>=1.1.0 <=1.2.2), epyseg (>=0.1.0 <=0.1.7) +3 more potentially affected by CVE-2020-15209 via tensorflow-gpu (>=2.1.0 <=2.1.1)

tensorflow-gpu PYPI version =2.1.0, =1.1.0, =0.1.0, =1.7.0, =1.9.5 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-324...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15209 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-324...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

gamornet-cpu (>=0.2.3 <=0.4.3), tchatbot (=0.1.0) +1 more potentially affected by CVE-2020-15209 via tensorflow-cpu (=1.15.0)

tensorflow-cpu PYPI version =1.15.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - gamornet-cpu =0.2.3, =0.7.0, =0.7.5 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-289...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.3 views

accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15209 via tensorflow (=2.2.0)

tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15209 Source advisory...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.10 views

deep-floorplan (=0.0.0) potentially affected by CVE-2020-15209 via tensorflow-gpu (=2.3.0)

tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-324...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

aglvq (=1.0.0), beacon-trellis (=0.1.0) +64 more potentially affected by CVE-2020-15209 via tensorflow (=2.1.0)

tensorflow PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - aglvq =1.0.0 - beacon-trellis =0.1.0 - biobb-ml =3.0.0, =0.0.1, =0.2.0, =0.0.2, =0.1.0, =1.1.0, =0.2.0rc1, =0.2.0rc3 and more Source cves:...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2020-15209 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-289...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 7:15 p.m.6 views

adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15209 via tensorflow (=2.3.0)

tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...

5.9CVSS6.5AI score0.008EPSS
Exploits1
CVE
CVE
added 2020/09/25 6:45 p.m.186 views

CVE-2020-15209

Observation: CVE-2020-15209 affects TensorFlow Lite. A crafted TFLite flatbuffer can flip a tensor’s buffer index, turning a read-only tensor into read-write, which the runtime may treat as writable and initialize with a null buffer, causing a null pointer dereference. The issue has a concrete ro...

5.9CVSS5.8AI score0.008EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2020/09/25 6:28 p.m.5 views

tensorflowjs (>=1.5.2 <=1.7.4) potentially affected by CVE-2020-15209 via tensorflow-cpu (=2.1.0)

tensorflow-cpu PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - tensorflowjs =1.5.2, =1.7.4 Source cves: CVE-2020-15209 Source advisory: OSV:GHSA-QH32-6JJC-QPRM...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 6:28 p.m.4 views

gamornet-cpu (>=0.2.3 <=0.4.3), tchatbot (=0.1.0) +1 more potentially affected by CVE-2020-15209 via tensorflow-cpu (=1.15.0)

tensorflow-cpu PYPI version =1.15.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - gamornet-cpu =0.2.3, =0.7.0, =0.7.5 Source cves: CVE-2020-15209 Source advisory: OSV:GHSA-QH32-6JJC-QPRM...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 6:28 p.m.6 views

aglvq (=1.0.0), beacon-trellis (=0.1.0) +64 more potentially affected by CVE-2020-15209 via tensorflow (=2.1.0)

tensorflow PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - aglvq =1.0.0 - beacon-trellis =0.1.0 - biobb-ml =3.0.0, =0.0.1, =0.2.0, =0.0.2, =0.1.0, =1.1.0, =0.2.0rc1, =0.2.0rc3 and more Source cves:...

5.9CVSS6.5AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/25 6:28 p.m.4 views

abba-python (>=0.1.6 <=0.3.0), adpred (>=1.1.2 <=1.2.7) +233 more potentially affected by CVE-2020-15209 via tensorflow (>=1.0.1 <=1.15.3)

tensorflow PYPI version =1.0.1, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =0.2.0, =0.4.2, =0.1.1, =0.1.5 - autobazaar =0.1.0 - autogan =0.0.5 - automationobjectdetection-sandeepjena7 =0.0.1 - automl-lib =0.0.1 and more Source cves: CVE-2020-15209 Source advisory: OSV:GHSA-QH32-6JJC-QPRM...

5.9CVSS6.5AI score0.008EPSS
Exploits1
Rows per page
Query Builder