Lucene search
K

591 matches found

SUSE CVE
SUSE CVE
added 2023/03/28 1:50 a.m.3 views

SUSE CVE-2023-25668

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

9.8CVSS8.1AI score0.00831EPSS
Exploits1References3
OSV
OSV
added 2023/03/27 9:15 p.m.1 views

UBUNTU-CVE-2023-1077

In the Linux kernel, picknextrtentity may return a type confused entry, not detected by the BUGON condition, as the confused entry will not be NULL, but listhead.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused...

7CVSS6.5AI score0.00278EPSS
Exploits0References13
Cvelist
Cvelist
added 2023/03/27 2:10 p.m.35 views

CVE-2023-27296 Apache InLong: JDBC Deserialization Vulnerability in InLong

Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to 1 to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade...

8.8AI score0.01475EPSS
Exploits0References1
OSV
OSV
added 2023/03/25 12:15 a.m.5 views

AZL-31200 CVE-2023-25668 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

9.8CVSS7AI score0.00831EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/03/24 11:33 p.m.1 views

CVE-2023-25668

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

9.8CVSS8.1AI score0.00831EPSS
Exploits1
OSV
OSV
added 2023/03/24 9:58 p.m.5 views

GHSA-93VR-9Q9M-PJ8P TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch

Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References4
OSV
OSV
added 2023/03/24 9:58 p.m.2 views

GHSA-7JVM-XXMR-V5CW TensorFlow vulnerable to integer overflow in EditDistance

Impact TFversion 2.11.0 //tensorflow/core/ops/arrayops.cc:1067 const Tensor hypothesisshapet = c-inputtensor2; std::vector dimshypothesisshapet-NumElements - 1; for int i = 0; i MakeDimstd::maxhvaluesi, tvaluesi; if hypothesisshapet is empty, hypothesisshapet-NumElements - 1 will be integer...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References4
OSV
OSV
added 2023/03/24 9:58 p.m.2 views

GHSA-64JG-WJWW-7C5W TensorFlow has Null Pointer Error in TensorArrayConcatV2

Impact When ctx-stepcontainter is a null ptr, the Lookup function will be executed with a null pointer. python import tensorflow as tf tf.rawops.TensorArrayConcatV2handle='a', 'b', flowin = 0.1, dtype=tf.int32, elementshapeexcept0=1 Patches We have patched the issue in GitHub commit...

7.5CVSS5.8AI score0.00391EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29518

TensorFlow is an end-to-end open source platform for machine learning. In eager mode default in TF 2.0 and later, session operations are invalid. However, users could still call the raw ops associated with them and trigger a null pointer dereference. The...

7.8CVSS7.4AI score0.00201EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-29525

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropInput. This is because the...

7.8CVSS7.5AI score0.00201EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-29524

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropFilter. This is because the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29530

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid permutation to tf.rawops.SparseMatrixSparseCholesky. This is because the...

7.8CVSS7.6AI score0.00232EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29535

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization. This is because the...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29556

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.Reverse. This is because the...

5.5CVSS5.3AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29560

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor. This is because the...

7.1CVSS7AI score0.00208EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29572

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer. The...

5.5CVSS5.4AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29574

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The...

7.8CVSS7.5AI score0.00201EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.6 views

SUSE CVE-2021-29575

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

5.5CVSS5.8AI score0.00198EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29578

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...

7.8CVSS7.8AI score0.00211EPSS
Exploits1References3
Rows per page
Query Builder