Lucene search
+L

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 9:31 p.m.56 views

Security Bulletin: TensorFlow is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Tensorflow which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2021-37635 DESCRIPTION: TensorFlow could allow a local authenticated attacker to obtain sensitive information, caused by a heap out-of-bounds read flaw in...

8.4CVSS7.4AI score0.01864EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37639

TensorFlow is an end-to-end open source platform for machine learning. When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 4:21 a.m.59 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID: CVE-2021-37635 DESCRIPTION: TensorFlow could allow a local authenticated attacker to obtain sensitive information, caused by a heap out-of-bounds read flaw in the...

8.8CVSS8.6AI score0.00307EPSS
Exploits21Affected Software1
vulnersOsv
vulnersOsv
added 2021/08/25 2:44 p.m.13 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +164 more potentially affected by CVE-2021-37639 via tensorflow-gpu (>=1.10.1 <=2.3.2)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...

8.4CVSS6.3AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:44 p.m.3 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +100 more potentially affected by CVE-2021-37639 via tensorflow-cpu (>=1.15.0 <=2.3.1)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...

8.4CVSS6.3AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:44 p.m.4 views

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37639 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...

8.4CVSS6.2AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:44 p.m.5 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4761 more potentially affected by CVE-2021-37639 via tensorflow (>=1.0.1 <=2.3.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...

8.4CVSS6.2AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:44 p.m.8 views

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37639 via tensorflow-gpu (>=2.4.0 <=2.4.2)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...

8.4CVSS6.4AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 7:15 p.m.5 views

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37639 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37639 Source advisory: OSV:PYSEC-2021-261...

8.4CVSS6.2AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 7:15 p.m.8 views

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37639 via tensorflow-gpu (>=2.4.0 <=2.4.2)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37639 Source advisory: OSV:PYSEC-2021-750...

8.4CVSS6.4AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 7:15 p.m.5 views

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-37639 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-37639 Source advisory: OSV:PYSEC-2021-750...

8.4CVSS6.4AI score0.00173EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 7:15 p.m.4 views

accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +110 more potentially affected by CVE-2021-37639 via tensorflow (>=2.3.0 <=2.3.2)

tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-37639 Source advisory: OSV:PYSEC-2021-261...

8.4CVSS6.2AI score0.00173EPSS
Exploits0
CVE
CVE
added 2021/08/12 6:10 p.m.92 views

CVE-2021-37639

TensorFlow has a local, impactful vulnerability CVE-2021-37639 where restoring tensors via raw APIs can dereference a null pointer or read outside the heap bounds when tensor_name is not provided. The root cause is reading the tensor list from user-controlled input without validating its length, ...

8.4CVSS7.6AI score0.00173EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder