Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63079)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in Google TensorFlow. A local attacker could exploit this vulnerability to cause a denial of service condition...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63078)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in Google TensorFlow. A local attacker could exploit this vulnerability to cause a denial of service condition...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63076)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. An attacker could exploit the vulnerability to cause a denial of service...

Google TensorFlow 'tf.raw_ops.NonMaxSuppressionV5' Denial of Service Vulnerability Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in tf.rawops.NonMaxSuppressionV5 in Google TensorFlow versions prior to 2.6.0. An attacker could exploit the vulnerability to cause a denial of service...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63069)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. The vulnerability stems from the MLIR optimization of the L2NormalizeReduceAxis operator. An attacker can exploit the vulnerability to cause a...

Google TensorFlow Information Disclosure Vulnerability (CNVD-2021-63070)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. An attacker can exploit the vulnerability to obtain sensitive information...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63073)

Google TensorFlow is an end-to-end open source machine learning platform. A security error vulnerability exists in Google TensorFlow versions prior to 2.6.0. A local attacker could exploit this vulnerability to cause a denial of service...

Google TensorFlow TensorFlow sparse reduction information disclosure vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. an information disclosure vulnerability exists in Google TensorFlow TensorFlow sparse reduction. An attacker could exploit this vulnerability to read data from outside the boundaries of the heap allocation data or cause a...

Google TensorFlow "tf.raw_ops.UpperBound" Information Disclosure Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow "tf.rawops.UpperBound". An attacker could exploit this vulnerability to read data from outside the boundaries of the heap allocation data and use this information to laun...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63066)

Google TensorFlow is an end-to-end open source machine learning platform. a security vulnerability exists in the full connectivity layer in TFLite in versions prior to Google TensorFlow 2.6.0. A local attacker could exploit this vulnerability to cause a denial of service...

Google TensorFlow MKL Code Execution Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. An attacker can exploit the vulnerability to execute arbitrary code on the system...

Google TensorFlow buffer overflow vulnerability (CNVD-2021-64539)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which could be exploited by an attacker to bind a reference to a null pointer in all operations of type tf.rawops.MatrixSetDiagV to cause undefined...

Google TensorFlow buffer overflow vulnerability (CNVD-2021-64535)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer overflow vulnerability exists in Google TensorFlow due to a lack of valid restrictions in tf.rawops.ResourceGather in the affected version, which could be exploited by an attacker to A crash ca...

CVE-2021-37677

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...

CVE-2021-37692

TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TFTStringDealloc is called during garbage collection within a finalizer function. However, tensor...

CVE-2021-37684

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. We have patched the issue in GitHub commit...

CVE-2021-37683

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error. There is no check that the divisor tensor does not contain zero elements. We have patched the issue in GitHub commit...

CVE-2021-37685

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...

CVE-2021-37691

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...

CVE-2021-37677

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...