Lucene search
+L

924 matches found

OSV
OSV
added 2024/03/06 11:19 a.m.16 views

BIT-TENSORFLOW-2021-29556 Division by 0 in `Reverse`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.Reverse. This is because the...

5.5CVSS5.4AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.17 views

BIT-TENSORFLOW-2021-29557 Division by 0 in `SparseMatMul`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.26 views

BIT-TENSORFLOW-2021-29558 Heap buffer overflow in `SparseSplit`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.17 views

BIT-TENSORFLOW-2021-29559 Heap OOB access in unicode ops

TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode. This is because the...

7.1CVSS6.8AI score0.00198EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.14 views

BIT-TENSORFLOW-2021-29562 CHECK-fail in `tf.raw_ops.IRFFT`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.IRFFT. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2,...

5.5CVSS5.4AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.17 views

BIT-TENSORFLOW-2021-29563 CHECK-fail in `tf.raw_ops.RFFT`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.17 views

BIT-TENSORFLOW-2021-29564 Null pointer dereference in `EditDistance`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.EditDistance. This is because the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.24 views

BIT-TENSORFLOW-2021-29565 Null pointer dereference in `SparseFillEmptyRows`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:19 a.m.27 views

BIT-TENSORFLOW-2021-29567 Lack of validation in `SparseDenseCwiseMul`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.21 views

BIT-TENSORFLOW-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...

7.8CVSS7.4AI score0.00197EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.17 views

BIT-TENSORFLOW-2021-29569 Heap out of bounds read in `RequantizationRange`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

7.1CVSS6.7AI score0.00198EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.17 views

BIT-TENSORFLOW-2021-29570 Heap out of bounds read in `MaxPoolGradWithArgmax`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

7.1CVSS6.8AI score0.00154EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 11:18 a.m.11 views

BIT-TENSORFLOW-2021-29572 Reference binding to nullptr in `SdcaOptimizer`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer. The...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.14 views

BIT-TENSORFLOW-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

5.5CVSS5.8AI score0.00198EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.15 views

BIT-TENSORFLOW-2021-29577 Heap buffer overflow in `AvgPool3DGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.AvgPool3DGrad is vulnerable to a heap buffer overflow. The...

7.8CVSS7.6AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.12 views

BIT-TENSORFLOW-2021-29578 Heap buffer overflow in `FractionalAvgPoolGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...

7.8CVSS7.6AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.11 views

BIT-TENSORFLOW-2021-29582 Heap OOB read in `tf.raw_ops.Dequantize`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.Dequantize, an attacker can trigger a read from outside of bounds of heap allocated data. The...

7.1CVSS6.7AI score0.00198EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.26 views

BIT-TENSORFLOW-2021-29583 Heap buffer overflow and undefined behavior in `FusedBatchNorm`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FusedBatchNorm is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The...

7.8CVSS7.6AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.11 views

BIT-TENSORFLOW-2021-29584 CHECK-fail due to integer overflow

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in caused by an integer overflow in constructing a new tensor shape. This is because the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:18 a.m.23 views

BIT-TENSORFLOW-2021-29587 Division by zero in TFLite's implementation of `SpaceToDepth`

TensorFlow is an end-to-end open source platform for machine learning. The Prepare step of the SpaceToDepth TFLite operator does not check for 0 before divisionhttps://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/spacetodepth.ccL63-L67. An...

7.8CVSS7.5AI score0.00201EPSS
Exploits1References3
Rows per page
Query Builder