Lucene search
K

72 matches found

CNNVD
CNNVD
added 2023/05/05 12:0 a.m.5 views

LLVM project 缓冲区错误漏洞

LLVM project is a collection of modular, reusable compiler and toolchain technologies open-sourced by LLVM. A security vulnerability exists in LLVM project version a0138390, which stems from a segmentation error in the component matchAndRewriteSortOp...

5.5CVSS5.5AI score0.00215EPSS
Exploits0References3
Snyk
Snyk
added 2023/03/26 7:18 a.m.1 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference when SparseSparseMaximum is given invalid sparse tensors as inputs. PoC import tensorflow as tf tf.rawops.SparseSparseMaximum aindices=1, avalues = 0.1 , ashape = 2, bindices=, bvalues =2 , bshape = 2, Remediati...

7.5CVSS7AI score0.00439EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/25 12:0 a.m.5 views

Google TensorFlow 代码问题漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A code issue vulnerability exists in Google TensorFlow version 2.12 prior to version 2.12.0 and version 2.11 prior to version 2.11.1, which stems from the fact that...

7.5CVSS6.6AI score0.00439EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.1 views

SUSE CVE-2021-29514

TensorFlow is an end-to-end open source platform for machine learning. If the splits argument of RaggedBincount does not specify a valid SparseTensorhttps://www.tensorflow.org/apidocs/python/tf/sparse/SparseTensor, then an attacker can trigger a heap buffer overflow. This will cause a read from...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29523

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.AddManySparseToTensorsMap. This is because the...

5.5CVSS5.4AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-29559

TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode. This is because the...

7.1CVSS6.9AI score0.00198EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.2 views

SUSE CVE-2021-37647

TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, tf.rawops.SparseTensorSliceDataset implementation can be made to dereference a null pointer. The implementation has some argument validation but fails...

5.5CVSS5AI score0.0016EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.3 views

SUSE CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

6.5CVSS6.4AI score0.00746EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.2 views

SUSE CVE-2022-29198

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

5.5CVSS5.5AI score0.00317EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google Inc. in the United States. Google TensorFlow suffers from an input validation error vulnerability that stems from a segmentation error that can be used to trigger a denial-of-service attack if inputs...

7.5CVSS7.5AI score0.00423EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 10:13 p.m.1 views

GHSA-RC9W-5C64-9VQQ Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

5.5CVSS6AI score0.00338EPSS
Exploits1References9
OSV
OSV
added 2022/05/24 10:8 p.m.3 views

GHSA-MG66-QVC5-RM93 Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix`

Impact The implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf indices = tf.constant53, shape=3, dtype=tf.int64 values =...

5.5CVSS5.8AI score0.00317EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2022/05/20 10:15 p.m.3 views

CVE-2022-29206

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments. In this case, a reference gets bound to a nullptr during kernel execution. This is...

5.5CVSS7.1AI score0.00338EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/05/20 9:50 p.m.6 views

CVE-2022-29198

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

5.5CVSS7AI score0.00317EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.2 views

Google TensorFlow代码问题漏洞

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to a code issue in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from tf.rawops. SparseTensorDenseAdd has incomplete validation for the input parameters. No detailed...

5.5CVSS5.7AI score0.00338EPSS
Exploits1References8
OSV
OSV
added 2022/02/09 11:43 p.m.1 views

GHSA-PFJJ-M3JJ-9JC9 Undefined behavior in `SparseTensorSliceDataset`

Impact The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value: python import tensorflow as tf import numpy as np tf.rawops.SparseTensorSliceDataset indices=, values=, denseshape=1,1 The 3 input arguments...

7.6CVSS5.8AI score0.00746EPSS
Exploits1References7
PyPA
PyPA
added 2022/02/03 12:15 p.m.6 views

PYSEC-2022-60

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS6.9AI score0.00746EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/03 12:15 p.m.3 views

PYSEC-2022-115

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS5.9AI score0.00746EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/03 12:8 p.m.2 views

CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS6.9AI score0.00746EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.3 views

PT-2022-15076 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of SparseTensorSliceDataset has an undefined behavior, which can cause a nullptr value to be dereferenced under...

7.6CVSS6.3AI score0.00746EPSS
Exploits1References15
Rows per page
Query Builder