Lucene search
K

54 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-969 TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad`

Impact The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. python import tensorflow as tf overlapping = True originputtensorshape =...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2025/09/24 12:0 a.m.4 views

Every Character Counts: from Vulnerability to Defense in Phishing Detection

Phishing attacks targeting both organizations and individuals are becoming an increasingly significant threat as technology advances. Current automatic detection methods often lack explainability and robustness in detecting new phishing attacks. In this work, we investigate the effectiveness of...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-grad (npm)

The package @zalastax/nolb-grad was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-11735 Malicious code in @zalastax/nolb-grad (npm)

The package @zalastax/nolb-grad was found to contain malicious code...

7.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.4 views

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

...

7.5CVSS8AI score0.00383EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/01 11:53 p.m.1 views

grad-group.com Improper Access Control vulnerability OBB-3800286

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Snyk
Snyk
added 2023/03/26 7:46 a.m.1 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception if the stride and window size are not positive for tf.rawops.AvgPoolGrad. PoC import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y =...

7.5CVSS7AI score0.00391EPSS
Exploits0References2
Snyk
Snyk
added 2023/03/26 7:29 a.m.1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in GRUBlockCellGrad. PoC func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1,...

7.5CVSS7AI score0.00383EPSS
Exploits0References2
OSV
OSV
added 2023/03/25 12:15 a.m.6 views

AZL-31199 CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1...

7.5CVSS7.3AI score0.00383EPSS
Exploits0References1
OSV
OSV
added 2023/03/25 12:15 a.m.7 views

AZL-35309 CVE-2023-25664 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1...

9.8CVSS7AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2023/03/24 9:53 p.m.2 views

GHSA-68V3-G9CM-RMM6 TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

Impact Out of bounds read in GRUBlockCellGrad python func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3...

7.5CVSS7AI score0.00383EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.5 views

SUSE CVE-2020-15194

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS5.3AI score0.01017EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.5 views

SUSE CVE-2020-15195

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS8.7AI score0.00938EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-29573

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0. The...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37651

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.FractionalAvgPoolGrad can be tricked into accessing data outside of bounds of heap allocated buffers. The implementation does not validate that the input tensor is non-empt...

7.8CVSS6AI score0.00174EPSS
Exploits0References4
OSV
OSV
added 2022/11/21 9:54 p.m.3 views

GHSA-F2W8-JW48-FR7J `FractionalMaxPoolGrad` Heap out of bounds read

Impact If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. python import tensorflow as tf tf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

4.8CVSS7AI score0.0044EPSS
Exploits1References5
Snyk
Snyk
added 2022/11/20 9:8 a.m.1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read. This is If MirrorPadGrad is given outsize input paddings. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. References - GitHub Commit - Vulnerable Code Credit: Vul AI...

7.5CVSS7AI score0.0044EPSS
Exploits1References2
OSV
OSV
added 2022/11/18 10:15 p.m.6 views

AZL-11535 CVE-2022-41897 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow...

7.5CVSS7.3AI score0.0044EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2022/11/18 12:0 a.m.8 views

CVE-2022-41895

TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also...

7.5CVSS7AI score0.0044EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.10 views

PT-2022-26138

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1, 2.9.3, and 2.8.4 Description The issue occurs when tf.raw ops.ResizeNearestNeighborGrad is given a large size input, causing an overflow. This can be exploited with a specific input...

7.5CVSS7.2AI score0.0044EPSS
Exploits1References14
Rows per page
Query Builder