Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/06/15 12:0 a.m.7 views

PT-2026-49598

Overview W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound inject path, not on the inbound...

5.3CVSS5.5AI score0.00045EPSS
Exploits0References3
PyPA
PyPAadded 2022/02/04 11:15 p.m.6 views

PYSEC-2022-121

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in BiasAndClamp implementation. There is no check that the biassize is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS7AI score0.00745EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23574

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

8.8CVSS6.9AI score0.00824EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23573 Uninitialized variable access in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

7.6CVSS8.6AI score0.00743EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.4 views

CVE-2022-23592 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

8.1CVSS8AI score0.00845EPSS
Exploits1References3
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.39 views

CVE-2022-23593 Segfault in `simplifyBroadcast` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault hence, denial of service, if called with scalar shapes. If all shapes are scalar, then maxRank is 0, so we build an empty SmallVector...

5.9CVSS7.5AI score0.00857EPSS
Exploits1References3
OSV
OSVadded 2022/02/03 2:15 p.m.2 views

PYSEC-2022-117

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...

6.5CVSS5.9AI score0.00771EPSS
Exploits1References3
PyPA
PyPAadded 2022/02/03 11:15 a.m.5 views

PYSEC-2022-109

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS6.9AI score0.00803EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder