Lucene search
K

14329 matches found

CVE
CVE
added 2022/02/04 10:32 p.m.132 views

CVE-2022-23557

TensorFlow/TFLite BiasAndClamp vulnerability: a crafted TFLite model can trigger a division by zero due to missing non-zero bias_size checks in BiasAndClamp. The issue affects TFLite in TensorFlow and will be fixed in TensorFlow 2.8.0, with cherry-picks planned for TensorFlow 2.7.1, 2.6.3, and 2....

6.5CVSS6.6AI score0.00757EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23557

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in BiasAndClamp implementation. There is no check that the biassize is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS7AI score0.00757EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.7 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS8.8AI score0.00811EPSS
Exploits1References4
CVE
CVE
added 2022/02/04 10:32 p.m.126 views

CVE-2022-23558

CVE-2022-23558 describes an integer overflow in TensorFlow’s TFLite path: TfLiteIntArrayCreate alloc_size is derived from TfLiteIntArrayGetSizeInBytes(size), which returns an int instead of a size_t, enabling an attacker-controlled input to overflow computed_size. Affected: TensorFlow/TFLite mode...

8.8CVSS8.2AI score0.00811EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.44 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS9.1AI score0.00811EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.5 views

CVE-2022-23558

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

8.8CVSS7.3AI score0.00811EPSS
Exploits1
OSV
OSV
added 2022/02/04 10:32 p.m.25 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS8.7AI score0.00811EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.26 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.7AI score0.00992EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.10 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.5AI score0.00992EPSS
Exploits1References3
CVE
CVE
added 2022/02/04 10:32 p.m.152 views

CVE-2022-23570

CVE-2022-23570 concerns TensorFlow, where decoding a tensor from protobuf may trigger a null-dereference when attributes of mutable arguments are missing. The issue is guarded by a DCHECK, which is a no-op in production and triggers an assertion in debug builds, potentially leading to a crash. Th...

6.5CVSS6.6AI score0.00992EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/04 10:32 p.m.29 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.4AI score0.00992EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.36 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.5AI score0.00469EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.4 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.3AI score0.00469EPSS
Exploits0References2
CVE
CVE
added 2022/02/04 10:32 p.m.104 views

CVE-2022-23564

CVE-2022-23564 (TensorFlow) : The issue is a denial-of-service in TensorFlow caused by an invalidated CHECK assertion when decoding a resource handle tensor from protobuf, triggered by user-controlled arguments. Affected: TensorFlow (TF) processes; root cause is an assertion failure path during r...

6.5CVSS6.4AI score0.00469EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23564

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.8AI score0.00469EPSS
Exploits0
OSV
OSV
added 2022/02/04 10:32 p.m.30 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.2AI score0.00469EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.41 views

CVE-2022-23565 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.6AI score0.00469EPSS
Exploits0References2
CVE
CVE
added 2022/02/04 10:32 p.m.120 views

CVE-2022-23565

CVE-2022-23565 : TensorFlow contains a denial-of-service risk caused by an assertion failure when a SavedModel on disk has duplicated AttrDef entries for an operation. The issue’s root cause is described across connected sources as a SavedModel mismatch that can trigger a crash under certain on-d...

6.5CVSS6.5AI score0.00469EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/04 10:32 p.m.18 views

CVE-2022-23565 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.3AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2022/02/04 10:32 p.m.25 views

CVE-2022-23562 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

7.6CVSS8.6AI score0.00578EPSS
Exploits0References6
Rows per page
Query Builder