Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7045 matches found

Cvelist
Cvelistadded 2021/11/05 10:20 p.m.25 views

CVE-2021-41220 Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

7.8CVSS7.8AI score0.00204EPSS
Exploits1References2
CVE
CVEadded 2021/11/05 10:15 p.m.108 views

CVE-2021-41221

TensorFlow’s CVE-2021-41221 relates to a heap-based memory access in the shape inference code for Cudnn* ops. Root cause: ranks of input, input_h, and input_c are not validated, allowing invalid memory access. Fix planned for TensorFlow 2.7.0 with cherry-picks to 2.6.1, 2.5.2, and 2.4.4. Remediat...

7.8CVSS7.6AI score0.00214EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/11/05 10:15 p.m.22 views

CVE-2021-41221 Access to invalid memory during shape inference in `Cudnn*` ops

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the Cudnn operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the input, inputh and inputc parameters are n...

7.8CVSS8AI score0.00214EPSS
Exploits1References2
OSV
OSVadded 2021/11/05 10:15 p.m.14 views

CVE-2021-41207

TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

5.5CVSS5.4AI score
Exploits0References2
OSV
OSVadded 2021/11/05 10:15 p.m.16 views

CVE-2021-41208

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

7.8CVSS7.5AI score
Exploits0References2
NVD
NVDadded 2021/11/05 10:15 p.m.42 views

CVE-2021-41218

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

5.5CVSS0.00128EPSS
Exploits0References2
NVD
NVDadded 2021/11/05 10:15 p.m.33 views

CVE-2021-41209

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

5.5CVSS0.00136EPSS
Exploits0References2
NVD
NVDadded 2021/11/05 10:15 p.m.22 views

CVE-2021-41208

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

8.8CVSS0.00168EPSS
Exploits0References2
NVD
NVDadded 2021/11/05 10:15 p.m.31 views

CVE-2021-41207

TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

5.5CVSS0.00136EPSS
Exploits0References2
NVD
NVDadded 2021/11/05 10:15 p.m.33 views

CVE-2021-41202

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

5.5CVSS0.00202EPSS
Exploits0References5
OSV
OSVadded 2021/11/05 10:15 p.m.18 views

CVE-2021-41206

TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or CHECK-fail related crashes...

7.8CVSS7.7AI score
Exploits0References7
OSV
OSVadded 2021/11/05 10:15 p.m.8 views

CVE-2021-41209

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

5.5CVSS5.4AI score
Exploits0References2
OSV
OSVadded 2021/11/05 10:15 p.m.13 views

CVE-2021-41202

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

5.5CVSS5.3AI score
Exploits0References5
Prion
Prionadded 2021/11/05 10:15 p.m.15 views

Design/Logic Flaw

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

2.1CVSS5.4AI score0.00202EPSS
Exploits0References5Affected Software1
Prion
Prionadded 2021/11/05 10:15 p.m.13 views

Design/Logic Flaw

TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or CHECK-fail related crashes...

4.6CVSS7.7AI score0.00174EPSS
Exploits0References7Affected Software1
Prion
Prionadded 2021/11/05 10:15 p.m.17 views

Stack overflow

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

2.1CVSS5.6AI score0.00136EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2021/11/05 10:15 p.m.12 views

Stack overflow

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

2.1CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2021/11/05 10:15 p.m.15 views

Input validation

TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

2.1CVSS5.6AI score0.00136EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2021/11/05 10:15 p.m.19 views

PYSEC-2021-616

TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

5.5CVSS3.9AI score0.00136EPSS
Exploits0References2
OSV
OSVadded 2021/11/05 10:15 p.m.12 views

PYSEC-2021-618

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

5.5CVSS4AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder