Lucene search
K

437 matches found

vulnersOsv
vulnersOsv
added 2022/02/09 11:25 p.m.6 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23574 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...

8.8CVSS7.6AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 6:29 p.m.7 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21728 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21728 Source advisory: OSV:GHSA-6GMV-PJP9-P8W8...

8.1CVSS7.2AI score0.01125EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 6:29 p.m.4 views

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-21727 via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-21727 Source advisory: OSV:GHSA-C6FH-56W7-FVJW...

8.8CVSS7.2AI score0.00659EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 6:29 p.m.6 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-21727 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-21727 Source advisory: OSV:GHSA-C6FH-56W7-FVJW...

8.8CVSS7.6AI score0.00659EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/07 10:1 p.m.7 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23581 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23581 Source advisory: OSV:GHSA-FQ86-3F29-PX2C...

6.5CVSS6.5AI score0.01151EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.4 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-23561 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23561 Source advisory: OSV:PYSEC-2022-125...

8.8CVSS7.2AI score0.0054EPSS
Exploits0
PyPA
PyPA
added 2022/02/04 11:15 p.m.5 views

PYSEC-2022-82

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

8.8CVSS6.9AI score0.00755EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.6 views

PYSEC-2022-153

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a SavedModel file fixing the first one would trigger the same...

6.5CVSS7AI score0.01097EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.8 views

PYSEC-2022-128

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.8AI score0.00469EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.7 views

PYSEC-2022-100

Tensorflow is an Open Source Machine Learning Framework. The GraphDef format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a GraphDef containing a fragment such as the following can be consumed when loading a SavedModel. This...

7.5CVSS7.4AI score0.00789EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.10 views

PYSEC-2022-134

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.9AI score0.00992EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/04 11:15 p.m.8 views

PYSEC-2022-149

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

6.5CVSS6.8AI score0.00992EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.7 views

PT-2022-16103 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...

6.5CVSS6.2AI score0.008EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.6 views

PT-2022-16074 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 TensorFlow versions 2.6.0 through 2.6.2 TensorFlow versions 2.5.0 through 2.5.2 Description: An attacker can craft a TFLite model that would cause an integer overflow ...

8.8CVSS8.7AI score0.01173EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16081 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operatio...

7.1CVSS6.2AI score0.00469EPSS
Exploits0References13
vulnersOsv
vulnersOsv
added 2022/02/03 3:15 p.m.11 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-21741 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21741 Source advisory: OSV:PYSEC-2022-120...

6.5CVSS6.5AI score0.00821EPSS
Exploits1
PyPA
PyPA
added 2022/02/03 1:15 p.m.6 views

PYSEC-2022-108

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS7.2AI score0.00783EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 11:42 a.m.2 views

CVE-2022-23568

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS7.2AI score0.008EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/03 11:15 a.m.6 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21730 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21730 Source advisory: OSV:PYSEC-2022-109...

8.1CVSS7.2AI score0.00815EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.6 views

PT-2022-15067 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of shape inference for ReverseSequence does not fully validat...

8.1CVSS7.9AI score0.01125EPSS
Exploits1References14
Rows per page
Query Builder