TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of plugins...

PT-2026-20861

Name of the Vulnerable Software and Affected Versions TensorFlow affected versions not specified Description A flaw exists in TensorFlow due to insecure handling of plugins, allowing local attackers to potentially escalate privileges on affected systems. An attacker must first have the ability to...

CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

UBUNTU-CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

CVE-2025-12343 Ffmpeg: double-free vulnerability in ffmpeg tensorflow dnn backend

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

CVE-2025-12343

FFmpeg exposes a double-free vulnerability in its TensorFlow backend. In libavfilter/dnn_backend_tf.c, dnn_execute_model_tf() frees a task object multiple times on certain error paths, causing a denial-of-service through crash. This is documented across sources (e.g., Debian, Red Hat, CVE listing...

CVE-2025-12343 Ffmpeg: double-free vulnerability in ffmpeg tensorflow dnn backend

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...

GPU-Fuzz: Finding Memory Errors in Deep Learning Frameworks

GPU memory errors are a critical threat to deep learning DL frameworks, leading to crashes or even security issues. We introduce GPU-Fuzz, a fuzzer locating these issues efficiently by modeling operator parameters as formal constraints. GPU-Fuzz utilizes a constraint solver to generate test cases...

CVE-2026-0897 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...

GHSA-XFHX-R7WW-5995 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...

GHSA-XFHX-R7WW-5995 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter...

CVE-2026-0897 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter...

Azure Linux 3.0 Security Update: python-zipp / tensorflow (CVE-2024-5569)

The version of python-zipp / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5569 advisory. - A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all...

Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-8088)

The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...

CVE-2026-21441 affecting package tensorflow for versions less than 2.16.1-10

CVE-2026-21441 affecting package tensorflow for versions less than 2.16.1-10. A patched version of the package is available...

EUVD-2023-35131

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-25661

TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model Check Failed and can be used to trigger a denial of service attack. A proof of concept can be constructed with the Convolution3DTranspose function. This...