CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

797 matches found

Prion•added 2022/02/03 11:15 a.m.•13 views

Heap overflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

5.5CVSS8AI score0.01078EPSS

Exploits1References4Affected Software1

PyPA•added 2022/02/03 11:15 a.m.•4 views

PYSEC-2022-51

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS7.6AI score0.00317EPSS

Exploits1References3Affected Software1

Prion•added 2022/02/03 11:15 a.m.•22 views

Integer overflow

6.5CVSS8.8AI score0.00317EPSS

Exploits1References3Affected Software1

OSV•added 2022/02/03 11:15 a.m.•0 views

PYSEC-2022-107

8.1CVSS5.9AI score0.01078EPSS

Exploits1References4

OSV•added 2022/02/03 11:15 a.m.•0 views

PYSEC-2022-106

8.8CVSS6.1AI score0.00317EPSS

Exploits1References3

PyPA•added 2022/02/03 11:15 a.m.•4 views

PYSEC-2022-106

8.8CVSS7.6AI score0.00317EPSS

Exploits1References3Affected Software1

CVE•added 2022/02/03 11:7 a.m.•159 views

CVE-2022-21727

CVE-2022-21727 : TensorFlow’s Dequantize shape inference is vulnerable to an integer overflow because the axis bound is not checked before computing axis+1. The fix is to be included in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3. Remediation guidance across connected sources i...

8.8CVSS8.2AI score0.00317EPSS

Exploits1References3Affected Software1

OSV•added 2022/02/03 11:7 a.m.•25 views

CVE-2022-21727 Integer overflow in Tensorflow

7.6CVSS8.8AI score0.00317EPSS

Exploits1References5

Debian CVE•added 2022/02/03 11:7 a.m.•4 views

CVE-2022-21727

8.8CVSS7.5AI score0.00317EPSS

Exploits1

Vulnrichment•added 2022/02/03 11:7 a.m.•7 views

CVE-2022-21727 Integer overflow in Tensorflow

7.6CVSS8.9AI score0.00317EPSS

Exploits1References3

CVE•added 2022/02/03 10:55 a.m.•116 views

CVE-2022-21728

CVE-2022-21728 affects TensorFlow: ReverseSequence shape-inference can yield a heap-based out-of-bounds read because batch_dim is checked for being too large but not for negative values. The mitigation path is a forthcoming fix in TensorFlow 2.8.0, with cherry-picks into 2.7.1, 2.6.3, and 2.5.3. ...

8.1CVSS8AI score0.01078EPSS

Exploits1References4Affected Software1

Debian CVE•added 2022/02/03 10:55 a.m.•3 views

CVE-2022-21728

8.1CVSS6.9AI score0.01078EPSS

Exploits1

CNNVD•added 2022/02/03 12:0 a.m.•2 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow suffers from an input validation error vulnerability, which stems from the fact that implementations of dequantized shape inference are vulnerable to integer overflow weaknesses, whi...

8.8CVSS5.8AI score0.00317EPSS

Exploits1References4

Positive Technologies•added 2022/02/03 12:0 a.m.•4 views

PT-2022-15066 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of shape inference for Dequantize is vulnerable to an integer...

8.8CVSS8.7AI score0.00317EPSS

Exploits1References13

Positive Technologies•added 2022/02/03 12:0 a.m.•2 views

PT-2022-15071 · Google · Tensorflow

7.1CVSS6.2AI score0.00303EPSS

Exploits1References15

CNVD•added 2021/12/01 12:0 a.m.•6 views

Business-Dna Solution GmbH TopEase Access Control Error Vulnerability

Business-Dna Solution GmbH TopEase is a "Transformational Risk" solution from Business-Dna Solution GmbH, Switzerland. It is used to manage complex projects and initiatives comprehensively, simply, quickly and securely. An access control error vulnerability exists in Business-Dna Solution GmbH...

4.3CVSS6.7AI score0.00128EPSS

Exploits0References1

OSV•added 2021/11/30 12:15 p.m.•1 views

CVE-2021-42116

Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 allows an authenticated remote attacker to view the Shape Editor and Settings, which are functionality for higher privileged users, via identifying said components in the...

4.3CVSS5.9AI score

Exploits0References1

CNNVD•added 2021/11/30 12:0 a.m.•3 views

Business-Dna Solution GmbH TopEase 安全漏洞

4.3CVSS5.6AI score0.00128EPSS

Exploits0References2

CNVD•added 2021/11/24 12:0 a.m.•21 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09870)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A buffer overflow vulnerability exists in Google TensorFlow, which stems from undefined behavior of the shape inference code of "tf.ragged.cross" due to a bound reference to "nullptr" in the...

7.8CVSS7.5AI score0.00018EPSS

Exploits1References1

OSV•added 2021/11/10 7:35 p.m.•2 views

GHSA-PRCG-WP5Q-RV7P Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes

Impact TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an int64t. If an overflow occurs, MultiplyWithoutOverflow would return a negative result. In the majority of...

6.8CVSS5.8AI score0.00022EPSS

Exploits1References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by