Lucene search
K

14315 matches found

OSV
OSV
added 3 days ago4 views

PYSEC-2026-548 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
OSV
OSV
added 3 days ago4 views

PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
OSV
OSV
added 3 days ago4 views

PYSEC-2026-550 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
OSV
OSV
added 3 days ago4 views

PYSEC-2026-369 Keras code injection vulnerability

A arbitrary code injection vulnerability in TensorFlow's Keras framework 2.13 allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application...

9.8CVSS8AI score0.01745EPSS
Exploits1References7
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.17 views

CVE-2026-44727 vulnerabilities

Vulnerabilities for packages: tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

9.3CVSS5.8AI score0.00227EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.6 views

GHSA-VMHF-C436-HXJ4 vulnerabilities

Vulnerabilities for packages: tensorflow-gpu-jupyter...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

GHSA-FCW5-X6J4-CCMP vulnerabilities

Vulnerabilities for packages: tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/06/20 2:16 p.m.11 views

GHSA-FCW5-X6J4-CCMP vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/06/20 2:16 p.m.10 views

CVE-2026-44727 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter...

9.3CVSS5.8AI score0.00227EPSS
Exploits0
Wolfi
Wolfi
added 2026/06/13 7:48 p.m.13 views

CVE-2026-49854 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, mitmproxy, airflow...

5.8AI score0.00027EPSS
Exploits0
Wolfi
Wolfi
added 2026/06/13 7:48 p.m.13 views

GHSA-CX3H-4QPV-8HC9 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, mitmproxy, airflow...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/13 7:18 p.m.12 views

CVE-2026-49854 vulnerabilities

Vulnerabilities for packages: litellm, airflow, mitmproxy, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

5.8AI score0.00027EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/13 7:18 p.m.11 views

GHSA-CX3H-4QPV-8HC9 vulnerabilities

Vulnerabilities for packages: litellm, airflow, mitmproxy, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

5.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/22 6:16 p.m.19 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS6AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2026/05/22 6:16 p.m.12 views

UBUNTU-CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS6AI score0.00132EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.20 views

PT-2026-42819

Name of the Vulnerable Software and Affected Versions Arm ArmNN versions prior to 2026-03-28 Description An integer overflow exists in the TensorShape::GetNumElements function within armnn/Tensor.cpp. This occurs when tensor dimensions are multiplied using 32-bit unsigned arithmetic without...

6.2CVSS6AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/22 12:0 a.m.20 views

EUVD-2026-31476

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 12:0 a.m.11 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

0.00132EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.16 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6AI score0.00132EPSS
Exploits0References3
Wolfi
Wolfi
added 2026/05/01 7:48 p.m.21 views

CVE-2026-40171 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter...

8.4CVSS5.8AI score0.00476EPSS
Exploits0
Rows per page
Query Builder