Lucene search
K

534 matches found

OSV
OSV
added 2026/07/07 11:45 a.m.5 views

PYSEC-2026-1956 TensorFlow has Null Pointer Error in SparseSparseMaximum

Impact When SparseSparseMaximum is given invalid sparse tensors as inputs, it can give an NPE. python import tensorflow as tf tf.rawops.SparseSparseMaximum aindices=1, avalues = 0.1 , ashape = 2, bindices=, bvalues =2 , bshape = 2, Patches We have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00439EPSS
Exploits1References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-956 TensorFlow has Floating Point Exception in TensorListSplit with XLA

Impact FPE in TensorListSplit with XLA python import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def fuzzjit: y = funcpara return y printfuzzjit Patches We have patched the issue in GitHub commit...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-1050 Segfault via invalid attributes in `pywrap_tfe_src.cc`

Impact If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes. python import numpy as np import...

5.5CVSS6AI score0.00404EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-980 TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`

Impact When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf a = tf.constant, shape=0, 1, 1, dtype=tf.float32 tf.linalg.matrixranka=a Patches We have patched the issue in GitHub...

5.9CVSS5.9AI score0.00405EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-1047 TensorFlow vulnerable to Int overflow in `RaggedRangeOp`

Impact The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also throws an abort signal that crashes the program. python...

5.9CVSS6AI score0.00547EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-996 TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`

Impact When tensorflow::fulltype::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status. cpp Status SubstituteForEachAttrMap& attrs, FullTypeDef& t DCHECKEQt.argssize, 3; const auto& cont = t.args0; const auto& tmpl =...

7.5CVSS7.1AI score0.00547EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-987 TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows

Impact The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor: python import tensorflow as tf tf.reshapetensor=1,shape=tf.constant0 for i in range255, dtype=tf.int64 This i...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 9:37 a.m.4 views

PYSEC-2026-974 TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation

Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...

5.9CVSS6.9AI score0.00441EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1026 Missing validation results in undefined behavior in `QuantizedConv2D`

Impact The implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments: python import tensorflow as tf input = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 filter = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 bad args mininput = tf.constant, shape=0,...

5.5CVSS5.9AI score0.00332EPSS
Exploits1References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The default value for “denominator” is initialized to 1. WHAT & HOW Variables that are used as denominators and may not be assigned to other values should be initialized to a non-zero value to avoid “DIVIDEBYZERO...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.6 views

CVE-2021-41207

TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

5.5CVSS6.9AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.5 views

CVE-2021-41209

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

5.5CVSS6.9AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.4 views

CVE-2021-41201

TensorFlow is an open source platform for machine learning. In affeced versions during execution, EinsumHelper::ParseEquation is supposed to set the flags in inputhasellipsis vector and outputhasellipsis boolean to indicate whether there is ellipsis in the corresponding inputs and output. However...

7.8CVSS7.1AI score0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:57 a.m.4 views

CVE-2023-31454

Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0...

7.5CVSS7AI score0.01182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:55 p.m.4 views

CVE-2021-37642

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.ResourceScatterDiv is vulnerable to a division by 0 error. The implementation uses a common class for all binary operations but fails to treat the division by 0 case...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.4 views

CVE-2021-37685

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...

5.5CVSS5.9AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.3 views

CVE-2021-37687

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's GatherNd implementation does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with...

5.5CVSS6AI score0.00191EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: drm/i915: Fix NULL pointer dereference in capture_engine

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in captureengine When the intelcontext structure contains NULL, it raises a NULL pointer dereference error in drminfo. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5CVSS6.8AI score0.00213EPSS
Exploits0References5
OSV
OSV
added 2025/02/10 4:15 p.m.5 views

UBUNTU-CVE-2024-57950

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominator defaults to 1 WHAT & HOW Variables, used as denominators and maybe not assigned to other values, should be initialized to non-zero to avoid DIVIDEBYZERO, as reported by Coverity. cherry...

5.5CVSS6.5AI score0.00172EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/08/02 9:44 a.m.18 views

CVE-2024-36268 Apache InLong TubeMQ Client: Remote Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick 1 to solve it. 1 ...

7.8AI score0.01173EPSS
Exploits0References1
Rows per page
Query Builder