Lucene search
+L

100 matches found

osv
osv
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1954 Invalid char to bool conversion when printing a tensor

Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...

4.8CVSS6AI score0.00389EPSS
Exploits0References7
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-961 TensorFlow has null dereference on ParallelConcat with XLA

Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
pypa
pypa
added 2026/07/07 10:17 a.m.6 views

Invalid char to bool conversion when printing a tensor

ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...

7.5CVSS7.1AI score0.00389EPSS
Exploits0References7Affected Software1
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1035 `tf.raw_ops.Mfcc` crashes

Impact If ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash. python import tensorflow as tf tf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...

4.8CVSS7AI score0.0044EPSS
Exploits1References7
osv
osv
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-941 `CHECK` fail via inputs in `SdcaOptimizer`

Impact Inputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer. python import tensorflow as tf tf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

4.8CVSS7AI score0.0044EPSS
Exploits1References7
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-969 TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad`

Impact The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. python import tensorflow as tf overlapping = True originputtensorshape =...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
osv
osv
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1004 Missing validation causes denial of service via `DeleteSessionTensor`

Impact The implementation of tf.rawops.DeleteSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf handle = tf.constant"", shape=0, dtype=tf.string...

5.5CVSS5.9AI score0.00325EPSS
Exploits1References11
osv
osv
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1003 Missing validation causes denial of service via `StagePeek`

Impact The implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf index = tf.constant, shape=0, dtype=tf.int32 tf.rawops.StagePeekindex=index,...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.13 views

CVE-2022-35960

TensorFlow is an open source platform for machine learning. In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in...

7.5CVSS6.6AI score0.00547EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.10 views

CVE-2022-35986

TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...

7.5CVSS6.6AI score0.00423EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.11 views

CVE-2022-35995

TensorFlow is an open source platform for machine learning. When AudioSummaryV2 receives an input samplerate with more than one element, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00396EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.10 views

CVE-2022-35952

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

7.5CVSS6.8AI score0.00558EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-0204

Malware in sbrugna...

9.8CVSS8.9AI score0.00893EPSS
Exploits1References10
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0402

Malware in sbrugna...

7.8CVSS5.9AI score0.00173EPSS
Exploits0References9
euvd
euvd
added 2025/10/03 8:7 p.m.17 views

EUVD-2022-6949

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00441EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6733

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00559EPSS
Exploits0References8
euvd
euvd
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-6796

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00396EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-6941

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00547EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7425

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.0049EPSS
Exploits1References6
redhatcve
redhatcve
added 2025/05/23 12:45 a.m.11 views

CVE-2022-41889

TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors...

7.5CVSS6.8AI score0.00404EPSS
Exploits1References1
Rows per page
Query Builder