Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/01/10 12:0 a.m.4 views

vLLM 安全漏洞

vLLM is vLLM open source a high throughput and memory efficient inference and service engine for LLM. A security vulnerability exists in vLLM version 0.6.4 up to and including version 0.12.0, which stems from the fact that sending specially crafted 1x1 pixel images results in a tensor dimension...

7.5CVSS6.4AI score0.00403EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.7 views

PT-2026-2260

Name of the Vulnerable Software and Affected Versions vLLM versions 0.6.4 through 0.11.9 Description vLLM is an inference and serving engine for large language models LLMs. Users can cause the vLLM engine to crash when serving multimodal models that utilize the Idefics3 vision model implementatio...

6.5CVSS6.6AI score0.00403EPSS
Exploits1References5
Veracode
Veracode
added 2024/09/04 6:58 a.m.6 views

Division By Zero Error

TensorFlow is vulnerable to a Division By Zero Error. The vulnerability is due to a division by zero error in the TFLite implementation of hashtable lookup when the values tensor's first dimension is 0, allowing an attacker to craft a model that, when processed, triggers the division by zero erro...

5.5CVSS6.4AI score0.00189EPSS
Exploits1References4Affected Software3
PyPA
PyPA
added 2021/05/14 8:15 p.m.5 views

PYSEC-2021-682

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.Reverse. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2021/05/14 7:17 p.m.3 views

CVE-2021-29555

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.FusedBatchNorm. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1
PyPA
PyPA
added 2020/09/25 7:15 p.m.7 views

PYSEC-2020-131

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

9.8CVSS6.9AI score0.00893EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2020/09/25 7:15 p.m.6 views

PYSEC-2020-288

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

9.8CVSS6.9AI score0.00893EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/25 6:28 p.m.3 views

GHSA-MXJJ-953W-2C2V Data corruption in tensorflow-lite

Impact When determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/types.hL437-L442 Since the function...

8.6CVSS7AI score0.00893EPSS
Exploits1References9
Rows per page
Query Builder