CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

CVE-2021-29589

TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the GatherNd TFLite operator is vulnerable to a division by zero...

CVE-2021-29515

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixDiag operationshttps://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrixdiagop.ccL195-L197 does not validate that the tensor...

CVE-2025-30165

vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...

CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...

CVE-2025-32434

PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...

Deserialization of Untrusted Data

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the MooncakePipe class, which relies on pickle for serialization and deserialization in recvtensor. An attacker...

CVE-2021-37649

TensorFlow is an end-to-end open source platform for machine learning. The code for tf.rawops.UncompressElement can be made to trigger a null pointer dereference. The implementation obtains a pointer to a CompressedElement from a Variant tensor and then proceeds to dereference it for decompressin...

CVE-2020-15208

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

PT-2025-17312

Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.6.0 PyTorch ≤2.5.1 Description PyTorch is vulnerable to a Remote Command Execution RCE vulnerability. This flaw exists in versions 2.5.1 and prior, specifically when loading a model using the torch.load function wit...

PUB-A-325927059

There is a possible Local bypass of user interaction due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

GHSA-W69Q-W4H4-2FX8 Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

CVE-2024-8375

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

CVE-2024-8375

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

Reverb 安全漏洞

Reverb is an efficient and easy-to-use data storage and transfer system open-sourced by Google DeepMind. Reverb has a security vulnerability that stems from when unpacking a tensor prototype of type VARIANT overwrites the bytes in tensorcontent with vtable pointers to all previously allocated...

Division By Zero Error

TensorFlow is vulnerable to a Division By Zero Error. The vulnerability is due to a division by zero error in the TFLite implementation of hashtable lookup when the values tensor's first dimension is 0, allowing an attacker to craft a model that, when processed, triggers the division by zero erro...

Out-of-bounds Read

TensorFlow is vulnerable to an Out-of-bounds Read. The vulnerability is due to improper validation of the axisvalue in the TFLite implementation of SplitV, which can lead to accessing data outside the bounds of the tensor shape array...

Denial Of Service (DOS)

TensorFlow is vulnerable to a denial of service. The vulnerability is due to the improper handling of the dimensionality of the output tensor in TensorFlow Lite's segment sum implementation,where the code uses the last element of the tensor holding segment IDs to determine the output tensor's siz...

Out-Of-Bounds Writes

TensorFlow is vulnerable to out-of-bounds writes. The vulnerability is due to the improper handling of negative elements in the segment ids tensor, allowing negative values that result in out-of-bounds memory writes during the segment sum operation...

Out-of-bounds Write

tensorflow, tensorflow-cpu and tensorflowgpu is vulnerable to Out-of-bounds Write. The vulnerability is due to improper handling of tensors when a model uses the same tensor for both an input and output of an operator, which can result in data loss and memory corruption...