CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PyPA•added 2021/05/14 8:15 p.m.•6 views

PYSEC-2021-495

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

5.5CVSS7AI score0.00009EPSS

PyPA•added 2021/05/14 8:15 p.m.•3 views

PYSEC-2021-735

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data. The...

7.8CVSS7.2AI score0.00019EPSS

Exploits1References3Affected Software1

OSV•added 2021/05/14 8:15 p.m.•0 views

PYSEC-2021-683

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

5.5CVSS5.9AI score0.00009EPSS

OSV•added 2021/05/14 8:15 p.m.•1 views

PYSEC-2021-248

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...

5.5CVSS6.1AI score0.00009EPSS

OSV•added 2021/05/14 8:15 p.m.•1 views

PYSEC-2021-182

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...

5.5CVSS5.9AI score0.00009EPSS

OSV•added 2021/05/14 8:15 p.m.•0 views

PYSEC-2021-645

5.5CVSS6.1AI score0.00009EPSS

5.5CVSS6.9AI score0.00009EPSS

PYSEC-2021-473

PyPA•added 2021/05/14 8:15 p.m.•3 views

PYSEC-2021-156

5.5CVSS6.8AI score0.00009EPSS

7.8CVSS7.2AI score0.00013EPSS

PYSEC-2021-458

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid permutation to tf.rawops.SparseMatrixSparseCholesky. This is because the...

PyPA•added 2021/05/14 8:15 p.m.•5 views

PYSEC-2021-683

5.5CVSS7.1AI score0.00009EPSS

Prion•added 2021/05/14 8:15 p.m.•17 views

Input validation

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...

2.1CVSS5.4AI score0.00009EPSS

7.8CVSS7.2AI score0.00013EPSS

PYSEC-2021-656

7.8CVSS7.4AI score0.00012EPSS

PYSEC-2021-684

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

OSV•added 2021/05/14 8:15 p.m.•0 views

PYSEC-2021-733

7.8CVSS5.9AI score0.00019EPSS

Exploits1References3

Debian CVE•added 2021/05/14 7:35 p.m.•1 views

CVE-2021-29519

5.5CVSS6.8AI score0.00009EPSS

Debian CVE•added 2021/05/14 7:35 p.m.•2 views

CVE-2021-29521

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in tf.rawops.SparseCountSparseOutput results in a segmentation fault being thrown out from the standard library as std::vector invariants are broken. This is because the...

5.5CVSS6.9AI score0.00009EPSS

Debian CVE•added 2021/05/14 7:35 p.m.•2 views

CVE-2021-29523

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.AddManySparseToTensorsMap. This is because the...

5.5CVSS6.8AI score0.0001EPSS

Debian CVE•added 2021/05/14 7:21 p.m.•3 views

CVE-2021-29607

7.8CVSS7.2AI score0.00019EPSS