CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in caused by an integer overflow in constructing a new tensor shape. This is because the...

5.5CVSS6.6AI score0.00007EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:23 p.m.•4 views

CVE-2021-29556

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.Reverse. This is because the...

5.5CVSS6.6AI score0.00009EPSS

Exploits1References1

Mageia•added 2025/04/03 1:36 a.m.•12 views

Updated curl packages fix security vulnerabilities

When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. The fix was included previously as part of MGAA-2025-0004...

7.3CVSS7.4AI score0.04569EPSS

Exploits3References4

OSV•added 2024/11/07 10:15 a.m.•1 views

AZL-53498 CVE-2024-50158 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev-dbrpacing". This caused a trace when KASAN is enabled. BUG: KASAN:...

7.8CVSS6.4AI score0.00041EPSS

Exploits0References1

OSV•added 2024/03/06 11:13 a.m.•13 views

BIT-TENSORFLOW-2022-35967 Segfault in `QuantizedAdd` in TensorFlow

TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...

7.5CVSS6.3AI score0.00064EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:39 a.m.•1 views

SUSE CVE-2021-37650

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...

7.8CVSS6.1AI score0.00014EPSS

Exploits0References4

Vulnrichment•added 2022/10/10 12:0 a.m.•7 views

CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

7.6CVSS10AI score0.04157EPSS

Exploits1References3

Vulnrichment•added 2022/02/04 10:32 p.m.•6 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS8.8AI score0.0039EPSS

Exploits1References4

Vulnrichment•added 2022/02/04 10:32 p.m.•3 views

CVE-2022-23587 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

8.8CVSS9.5AI score0.00295EPSS

Exploits1References3

OSV•added 2021/05/14 8:15 p.m.•22 views

PYSEC-2021-496

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...

7.8CVSS0.7AI score0.00007EPSS

Exploits1References2

Prion•added 2021/05/14 8:15 p.m.•20 views

Code injection

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in Conv2DBackpropFilter. This is because the...

2.1CVSS5.3AI score0.00027EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/05/14 7:21 p.m.•16 views

CVE-2021-29597 Division by zero in TFLite's implementation of `SpaceToBatchNd`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...

2.5CVSS7.8AI score0.00011EPSS

Exploits1References2

Positive Technologies•added 2021/03/23 12:0 a.m.•2 views

PT-2021-15237 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.0.3 GitHub Enterprise Server version 2.22.9 GitHub Enterprise Server version 2.21.17 Description: A remote code execution issue was identified in GitHub Enterprise Server that could be exploited wh...

8.8CVSS9AI score0.02434EPSS

Exploits0References8

securityvulns•added 2004/07/26 12:0 a.m.•28 views

[Full-Disclosure] OSX Panther Internet Connect Vulnerability.

Apple OSX Panther Internet Connect - Local root Vulnerability. ============================================================== Date: 25.07.2004 Author: B-r00t. 2004. Email: B-r00t [email protected] Vendor: Apple Operating System: OSX Panther Possibly Previous Versions. Application: Internet...

7.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by