14329 matches found

Cvelist
added 2022/02/04 10:32 p.m. | 46 views

CVE-2022-23562 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

CVSS: 7.6 | AI score: 9 | EPSS: 0.00578
Exploits: 0 | References: 4

CVE
added 2022/02/04 10:32 p.m. | 108 views

CVE-2022-23562

TensorFlow vulnerability CVE-2022-23562 concerns the Range implementation: integer overflows in Range can cause undefined behavior or extremely large allocations. Public notes indicate a fix will be included in TensorFlow 2.8.0, with cherry-picks to affected supported releases (2.7.1, 2.6.3, 2.5....

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00578
Exploits: 0 | References: 4 | Affected Software: 1

Debian CVE
added 2022/02/04 10:32 p.m. | 3 views

CVE-2022-23562

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

CVSS: 8.8 | AI score: 7 | EPSS: 0.00578
Exploits: 0

Cvelist
added 2022/02/04 10:32 p.m. | 35 views

CVE-2022-23563 Insecure temporary file in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

CVSS: 7.1 | AI score: 7.1 | EPSS: 0.0011
Exploits: 0 | References: 1

CVE
added 2022/02/04 10:32 p.m. | 105 views

CVE-2022-23563

TensorFlow (CVE-2022-23563) describes a TOCTOU race caused by tempfile.mktemp usage, where a temporary file could be created by another process between the check and the actual creation. Several connected sources confirm this insecure temporary-file pattern and note that the fix replaces mktemp w...

CVSS: 7.1 | AI score: 6.4 | EPSS: 0.0011
Exploits: 0 | References: 1 | Affected Software: 1

Debian CVE
added 2022/02/04 10:32 p.m. | 4 views

CVE-2022-23563

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

CVSS: 7.1 | AI score: 7 | EPSS: 0.0011
Exploits: 0

OSV
added 2022/02/04 10:32 p.m. | 22 views

CVE-2022-23563 Insecure temporary file in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

CVSS: 7.1 | AI score: 6.4 | EPSS: 0.0011
Exploits: 0 | References: 3

Cvelist
added 2022/02/04 10:32 p.m. | 34 views

CVE-2022-23559 Integer overflow in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embedding_size and lookup_size are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

CVSS: 8.8 | AI score: 9 | EPSS: 0.01173
Exploits: 1 | References: 5

CVE
added 2022/02/04 10:32 p.m. | 121 views

CVE-2022-23559

TensorFlow/TensorFlow Lite contains an integer overflow in embedding_lookup_sparse within TFLite. The vulnerability arises because embedding_size and lookup_size are computed as products of user-supplied values, enabling overflow during multiplication and potentially leading to a heap-based out-o...

CVSS: 8.8 | AI score: 8.7 | EPSS: 0.01173
Exploits: 1 | References: 5 | Affected Software: 1

Debian CVE
added 2022/02/04 10:32 p.m. | 5 views

CVE-2022-23559

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embedding_size and lookup_size are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.01173
Exploits: 1

OSV
added 2022/02/04 10:32 p.m. | 24 views

CVE-2022-23559 Integer overflow in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both embedding_size and lookup_size are products of values provided by the user. Hence, a malicious user could trigger overflows in the...

CVSS: 8.8 | AI score: 8.5 | EPSS: 0.01173
Exploits: 1 | References: 7

Cvelist
added 2022/02/04 10:32 p.m. | 43 views

CVE-2022-23560 Read and Write outside of bounds in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.00837
Exploits: 1 | References: 3

Vulnrichment
added 2022/02/04 10:32 p.m. | 5 views

CVE-2022-23560 Read and Write outside of bounds in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00837
Exploits: 1 | References: 3

OSV
added 2022/02/04 10:32 p.m. | 21 views

CVE-2022-23560 Read and Write outside of bounds in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.00837
Exploits: 1 | References: 5

CVE
added 2022/02/04 10:32 p.m. | 152 views

CVE-2022-23560

CVE-2022-23560 affects TensorFlow/TFLite: a vulnerability in converting sparse tensors to dense tensors allows limited reads/writes outside array bounds due to missing validation in sparsity_format_converter. The issue is addressed with the TensorFlow 2.8.0 fix, with cherry-picks to 2.7.1, 2.6.3,...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00837
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2022/02/04 10:32 p.m. | 38 views

CVE-2022-23574 Out of bounds read and write in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00837
Exploits: 1 | References: 5

CVE
added 2022/02/04 10:32 p.m. | 114 views

CVE-2022-23574

CVE-2022-23574 affects TensorFlow. A typo in SpecializeType leads to a heap out-of-bounds read/write by initializing arg to the i-th mutable argument in a loop, enabling writes/read beyond bounds. The issue is fixed in TensorFlow 2.8.0, with cherry-picks for TensorFlow 2.7.1 and 2.6.3. Affected r...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00837
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2022/02/04 10:32 p.m. | 6 views

CVE-2022-23574 Out of bounds read and write in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00837
Exploits: 1 | References: 3

Cvelist
added 2022/02/04 10:32 p.m. | 26 views

CVE-2022-23574 Out of bounds read and write in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.00837
Exploits: 1 | References: 3

Debian CVE
added 2022/02/04 10:32 p.m. | 3 views

CVE-2022-23574

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

CVSS: 8.8 | AI score: 6.9 | EPSS: 0.00837
Exploits: 1