Lucene search
K

118 matches found

OSV
OSV
added 2023/03/24 9:57 p.m.2 views

GHSA-F637-VH3R-VFH2 TensorFlow has Floating Point Exception in AudioSpectrogram

Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...

7.5CVSS6.6AI score0.00383EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.2 views

SUSE CVE-2022-35972

TensorFlow is an open source platform for machine learning. If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS7.4AI score0.00409EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-35990

TensorFlow is an open source platform for machine learning. When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS8.1AI score0.00383EPSS
Exploits0References3
OSV
OSV
added 2022/11/21 9:54 p.m.2 views

GHSA-F2W8-JW48-FR7J `FractionalMaxPoolGrad` Heap out of bounds read

Impact If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. python import tensorflow as tf tf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

4.8CVSS7AI score0.0044EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/11/18 12:0 a.m.5 views

CVE-2022-41897 `FractionalMaxPoolGrad` Heap out of bounds read in Tensorflow

TensorFlow is an open source platform for machine learning. If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow...

4.8CVSS7.1AI score0.0044EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2022/09/16 10:14 p.m.6 views

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35965 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35965 Source advisory: OSV:GHSA-QXPX-J395-PW36...

7.5CVSS7.1AI score0.00383EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 10:6 p.m.3 views

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-36002 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-36002 Source advisory: OSV:GHSA-MH3M-62V7-68XG...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:57 p.m.5 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-36017 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-36017 Source advisory: OSV:GHSA-WQMC-PM8C-2JHC...

7.5CVSS7.1AI score0.00423EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:13 p.m.5 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-36019 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-36019 Source advisory: OSV:GHSA-9J4V-PP28-MXV7...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:4 p.m.5 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35937 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...

9.1CVSS7.2AI score0.00441EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:4 p.m.4 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-35937 via tensorflow-cpu (>=1.15.0 <=2.7.0)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...

9.1CVSS7.2AI score0.00441EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 8:56 p.m.7 views

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35934 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35934 Source advisory: OSV:GHSA-F4W6-H4F5-WX45...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/09/16 7:40 p.m.7 views

CVE-2022-35939 Out of bounds write in `scatter_nd` op in TensorFlow Lite

TensorFlow is an open source platform for machine learning. The ScatterNd function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have...

7CVSS9.6AI score0.00441EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 10:12 p.m.5 views

GHSA-54CH-GJQ5-4976 Segfault due to missing support for quantized types

Impact There is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types added after migration to TF 2.x: python import numpy as np import tensorflow as tf...

5.5CVSS5.8AI score0.00317EPSS
Exploits1References10
vulnersOsv
vulnersOsv
added 2022/05/24 10:10 p.m.7 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29202 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29202 Source advisory: OSV:GHSA-CWPM-F78V-7M5C...

5.5CVSS6AI score0.00316EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/24 10:6 p.m.5 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29192 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29192 Source advisory: OSV:GHSA-H2WQ-PRV9-2F56...

5.5CVSS6AI score0.0034EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.3 views

PT-2022-19447 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.raw ops.StagePeek does not fully validate the input arguments,...

5.5CVSS5.3AI score0.00317EPSS
Exploits1References13
OSV
OSV
added 2022/02/09 11:26 p.m.1 views

GHSA-Q85F-69Q7-55H2 Uninitialized variable access in Tensorflow

Impact The implementation of AssignOp can result in copying unitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of allocations, but does not check that the right hand...

7.6CVSS7.2AI score0.00755EPSS
Exploits1References7
OSV
OSV
added 2022/02/04 11:15 p.m.6 views

PYSEC-2022-138

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

8.8CVSS7.2AI score0.00837EPSS
Exploits1References3
OSV
OSV
added 2022/02/04 11:15 p.m.6 views

PYSEC-2022-155

Tensorflow is an Open Source Machine Learning Framework. The GraphDef format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a GraphDef containing a fragment such as the following can be consumed when loading a SavedModel. This...

7.5CVSS7.3AI score0.00789EPSS
Exploits0References2
Rows per page
Query Builder