Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

797 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-41210

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...

7.1CVSS6.8AI score0.00019EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.1 views

SUSE CVE-2021-41211

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...

7.1CVSS6.9AI score0.00019EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.1 views

SUSE CVE-2021-41212

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

7.1CVSS7AI score0.00019EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-41214

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

7.8CVSS7.5AI score0.00018EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.1 views

SUSE CVE-2021-41215

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serializesparse tensor is a tensor with positive rank and having 3 ...

5.5CVSS5.6AI score0.00017EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-41221

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the Cudnn operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the input, inputh and inputc parameters are n...

7.8CVSS7.7AI score0.0002EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:29 a.m.1 views

SUSE CVE-2022-21727

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS8.8AI score0.00317EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:29 a.m.2 views

SUSE CVE-2022-21731

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.3AI score0.00303EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:28 a.m.1 views

SUSE CVE-2022-23571

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments, if the tensors have an invalid dtype and 0 elements or an invalid shape. This allows...

6.5CVSS6.3AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:28 a.m.1 views

SUSE CVE-2022-23572

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...

6.5CVSS6.5AI score0.00507EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-23576

Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...

6.5CVSS6.6AI score0.0022EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-23580

Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, a...

6.5CVSS6.5AI score0.00301EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.1 views

SUSE CVE-2022-35963

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

7.5CVSS8.2AI score0.00064EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.1 views

SUSE CVE-2022-35959

TensorFlow is an open source platform for machine learning. The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in...

7.5CVSS7.8AI score0.00064EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.2 views

SUSE CVE-2022-35968

TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS7.6AI score0.0007EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.1 views

SUSE CVE-2022-35984

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS7.6AI score0.00064EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.1 views

SUSE CVE-2022-35987

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

7.5CVSS7.7AI score0.00064EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:24 a.m.1 views

SUSE CVE-2022-35998

TensorFlow is an open source platform for machine learning. If EmptyTensorList receives an input elementshape with more than one dimension, it gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS7.7AI score0.00074EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 3:22 a.m.2 views

SUSE CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5,...

9.8CVSS8.1AI score0.00419EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2023/02/13 12:0 a.m.1 views

PT-2023-35226 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.0 through v5.10.165 Description: The issue concerns the shape of output reports. It was introduced in version v4.0 and fixed in version v5.10.166. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Rows per page
Query Builder