Lucene search
+L

54 matches found

OSV
OSV
added 2022/02/03 2:27 p.m.27 views

CVE-2022-21741 Division by zero in TFLite

Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...

6.5CVSS6.3AI score0.00821EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/08/12 10:25 p.m.58 views

CVE-2021-37691 Division by zero in LSH in TensorFlow Lite

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...

5.5CVSS6.1AI score0.00152EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/08/12 10:25 p.m.4 views

CVE-2021-37691

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...

5.5CVSS7AI score0.00152EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/08/12 10:15 p.m.6 views

CVE-2021-37688

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...

7.8CVSS5.6AI score0.00165EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/12 10:15 p.m.7 views

PYSEC-2021-799

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2021/08/12 10:15 p.m.29 views

PYSEC-2021-602

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of L2NormalizeReduceAxis...

7.8CVSS2.3AI score0.00165EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/08/12 10:0 p.m.4 views

CVE-2021-37688

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...

7.8CVSS6.9AI score0.00165EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/08/12 12:0 a.m.4 views

PT-2021-21807 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can craft a TFLite model that would trigger a null pointer...

9.3CVSS5.6AI score0.00451EPSS
Exploits5References87
Prion
Prion
added 2021/05/14 8:15 p.m.17 views

Heap overflow

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...

4.6CVSS7.5AI score0.00215EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-531

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of...

7.8CVSS7.2AI score0.00201EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-732

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...

7.8CVSS6.8AI score0.00215EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2020/09/25 7:15 p.m.27 views

CVE-2020-15209

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS0.008EPSS
Exploits1References4
CVE
CVE
added 2020/09/25 6:45 p.m.188 views

CVE-2020-15209

Observation: CVE-2020-15209 affects TensorFlow Lite. A crafted TFLite flatbuffer can flip a tensor’s buffer index, turning a read-only tensor into read-write, which the runtime may treat as writable and initialize with a null buffer, causing a null pointer dereference. The issue has a concrete ro...

5.9CVSS5.8AI score0.008EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.3 views

PT-2020-14281 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: If a TFLite saved model uses the same tensor as both...

9.8CVSS6AI score0.01235EPSS
Exploits16References73
Rows per page
Query Builder