Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

888 matches found

Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.2 views

PT-2021-18270 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The API of tf.raw ops.SparseCross allows combinations which would result in a CHECK-failure an...

5.5CVSS5.2AI score0.00009EPSS
Exploits1References12
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.3 views

PT-2021-18370 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.1.4 through 2.4.2 TensorFlow versions prior to 2.5.0 Description: Passing invalid arguments, such as those discovered via fuzzing, to tf.raw ops.SparseCountSparseOutput results in a segfault. Recommendations: For version...

5.5CVSS5.3AI score0.00009EPSS
Exploits1References14
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.4 views

PT-2021-18360 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.1.4 through 2.4.2 Description: Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior, such as dereferencing null pointers and writing outside of...

7.8CVSS7.5AI score0.00019EPSS
Exploits1References14
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.2 views

PT-2021-18296 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a denial of servic...

5.5CVSS5.2AI score0.00009EPSS
Exploits1References14
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.2 views

PT-2021-18281 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a null pointer...

7.8CVSS7.4AI score0.00013EPSS
Exploits1References13
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.3 views

PT-2021-18274 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can trigger a denial of service via a CHECK-fail in tf.raw...

5.5CVSS5.2AI score0.0001EPSS
Exploits1References13
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.2 views

PT-2021-18316 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a null pointer...

5.5CVSS5.2AI score0.00038EPSS
Exploits1References13
Positive Technologies
Positive Technologiesadded 2021/05/14 12:0 a.m.3 views

PT-2021-18309 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a heap buffer overflow in tf.raw ops.SparseSplit because the...

7.8CVSS7.7AI score0.00012EPSS
Exploits1References13
CNNVD
CNNVDadded 2021/05/14 12:0 a.m.2 views

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds access vulnerability exists in Google TensorFlow SparseDenseCwiseMul. An attacker can exploit the vulnerability by passing an invalid parameter to "tf.raw\u ops.backpropinput" to write outside the...

7.8CVSS5.7AI score0.00011EPSS
Exploits1References3
OSV
OSVadded 2021/01/13 6:56 p.m.0 views

USN-4692-1 tar vulnerabilities

Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu...

7.5CVSS6.7AI score0.004EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2020/12/09 12:0 a.m.37 views

SUSE SLES12 Security Update : tar (SUSE-SU-2020:2806-1)

This update for tar fixes the following issues : Security issues fixed : CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in paxdecodeheader bsc1130496. CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file...

7.5CVSS6.2AI score0.004EPSS
Exploits1References7
Veracode
Veracodeadded 2020/09/28 8:6 a.m.19 views

Arbitrary Code Execution

tensorlfow is vulnerable to arbitrary code execution. The SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor, allowing an attacker to execute arbitrary code on the host OS by causing a shape mismatch that can result in accesses outside of...

5.4CVSS4.6AI score0.00169EPSS
Exploits1References3Affected Software3
CNVD
CNVDadded 2020/09/28 12:0 a.m.4 views

Tensorflow Data Validation Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow version 2.3.0 that stems from the inability of the SparseCountSparseOutput and RaggedCountSparseOutput implementations to verify that the weights...

9.9CVSS7.1AI score0.00302EPSS
Exploits1References1
CNVD
CNVDadded 2020/09/28 12:0 a.m.8 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2020-54782)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow SparseFillEmptyRowsGrad versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1, and 2.3.1, which arises from a networked system or product that perfor...

8.8CVSS7AI score0.00355EPSS
Exploits1References1
PyPA
PyPAadded 2020/09/25 7:15 p.m.5 views

PYSEC-2020-121

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00169EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2020/09/25 7:15 p.m.1 views

PYSEC-2020-124

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS6.2AI score0.00195EPSS
Exploits1References3
PyPA
PyPAadded 2020/09/25 7:15 p.m.5 views

PYSEC-2020-122

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

5.9CVSS7AI score0.00239EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2020/09/25 7:15 p.m.21 views

PYSEC-2020-276

In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don't validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights a...

9.9CVSS2.1AI score0.00302EPSS
Exploits1References3
OSV
OSVadded 2020/09/25 7:15 p.m.1 views

PYSEC-2020-313

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.1AI score0.00169EPSS
Exploits1References3
OSV
OSVadded 2020/09/25 7:15 p.m.0 views

PYSEC-2020-312

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.6AI score0.0022EPSS
Exploits1References3
Rows per page
Query Builder