737 matches found
CVE-2021-29512
TensorFlow is an end-to-end open source platform for machine learning. If the splits argument of RaggedBincount does not specify a valid SparseTensorhttps://www.tensorflow.org/apidocs/python/tf/sparse/SparseTensor, then an attacker can trigger a heap buffer overflow. This will cause a read from...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which stems from the absence of loops between nodes of a TFlite graph. No detailed vulnerability details are...
PT-2021-18282 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a CHECK fail in PN...
PT-2021-18359 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.1 and earlier TensorFlow versions 2.3.2 and earlier TensorFlow versions 2.2.2 and earlier TensorFlow versions 2.1.3 and earlier Description: Due to a lack of validation in tf.raw...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow RaggedCross. An attacker can exploit the vulnerability by passing invalid tensor values to tf.rawops.RaggedCross to cause a heap out-of-bounds read...
PT-2021-18308 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a denial of service via a FPE runtime error in tf.raw ops.SparseMatMul...
PT-2021-18283 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can force accesses outside the...
PT-2021-18352 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2, 2.3.3, 2.2.3, and 2.1.4 are also affected Description: The TFLite implementation of concatenation is vulnerable to an integer overflow issue. An attacker can craft a model such tha...
PT-2021-18267 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: Calling tf.raw ops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor...
PT-2021-18333 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: Due to lack of validation in tf.raw...
PT-2021-18335 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can trigger a denial of service via a CHECK-fail caused by an integer overflow in...
PT-2021-18343 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The issue arises when the target shape of...
PT-2021-18328 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The implementation of tf.raw...
PT-2021-18264 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The issue arises when calling TF operations with tensors of non-numeric types, resulting in nu...
PT-2021-18332 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: Due to lack of validation in tf.raw...
PT-2021-18340 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The reference implementation of the GatherNd TFLite operator is vulnerable to a division by ze...
Security Bulletin: Tensor Flow security vulnerabilities with denial of service on IBM Watson Machine Learning on CP4D
Summary TensorFlow is vulnerable to a denial of service .Remote attacker could exploit this vulnerability to cause a denial of service condition on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2020-15190 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused ...
Security Bulletin: Tensor Flow security vulnerabilities with denial of service on IBM Watson Machine Learning Server
Summary TensorFlow is vulnerable to a denial of service .Remote attacker could exploit this vulnerability to cause a denial of service condition on IBM Watson Machine Learning Server Vulnerability Details CVEID: CVE-2020-15190 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused b...
PT-2020-16391 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.5 TensorFlow versions prior to 2.0.4 TensorFlow versions prior to 2.1.3 TensorFlow versions prior to 2.2.2 TensorFlow versions prior to 2.3.2 TensorFlow versions prior to 2.4.0 Description: The tf.raw...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that stems from a tensor buffer being populated with the default value for the type, but forgetting to initialize the quantized...