Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

288 matches found

Positive Technologies
Positive Technologiesadded 2020/12/10 12:0 a.m.4 views

PT-2020-16394 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.5 TensorFlow versions prior to 2.0.4 TensorFlow versions prior to 2.1.3 TensorFlow versions prior to 2.2.2 TensorFlow versions prior to 2.3.2 TensorFlow versions prior to 2.4.0 Description: In affected versio...

9.3CVSS5.7AI score0.01023EPSS
Exploits5References90
OSV
OSVadded 2020/09/25 7:15 p.m.9 views

CVE-2020-15211

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...

4.8CVSS4.9AI score
Exploits0References9
Prion
Prionadded 2020/09/25 7:15 p.m.18 views

Out-of-bounds

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...

5.8CVSS5AI score0.00344EPSS
Exploits1References9Affected Software2
PyPA
PyPAadded 2020/09/25 7:15 p.m.5 views

PYSEC-2020-291

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...

5.8CVSS7AI score0.00344EPSS
Exploits1References9Affected Software1
CVE
CVEadded 2020/09/25 6:45 p.m.178 views

CVE-2020-15211

CVE-2020-15211 : In TensorFlow Lite (before 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1), a negative -1 tensor index used for optional inputs can be treated as a valid index during validation, allowing out-of-bounds reads/writes in some operators. The root cause is the double indexing scheme for tensors i...

5.8CVSS5.2AI score0.00344EPSS
Exploits1References9Affected Software1
NVD
NVDadded 2019/08/15 6:15 p.m.17 views

CVE-2018-14672

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5.3CVSS5.4AI score0.00437EPSS
Exploits0References1
ClickHouse
ClickHouseadded 2018/09/10 12:0 a.m.15 views

Fixed in ClickHouse Release 18.12.13, 2018-09-10​

Functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

4.6AI score
Exploits0Affected Software1
CVE
CVEadded 2017/10/02 2:0 p.m.82 views

CVE-2017-12620

CVE-2017-12620 describes an XML External Entity (XXE) vulnerability in Apache OpenNLP when loading models or dictionaries that contain XML from untrusted sources. The connected documents identify the affected OpenNLP versions: 1.5.0–1.5.3, 1.6.0, and 1.7.0–1.7.2, 1.8.0–1.8.1. The XXE issue is the...

9.8CVSS9.3AI score0.01018EPSS
Exploits5References1Affected Software1
Rows per page
Query Builder