Lucene search
K

14329 matches found

Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.2 views

PT-2022-16087 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 TensorFlow versions 2.6.0 through 2.6.3 Description: When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable argumen...

7.1CVSS6.2AI score0.00992EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16106 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow can trigger a null pointer dereference unde...

6.5CVSS6.2AI score0.01097EPSS
Exploits1References15
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google Tensorflow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow that could be exploited to trigger a denial of service by changing the SavedModel on disk...

6.5CVSS5.6AI score0.00469EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Google TensorFlow 代码问题漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a code issue vulnerability that stems from TensorFlow's grappler component that can trigger null pointer dereferences. No detailed vulnerability details are available at th...

6.5CVSS5.6AI score0.01097EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google Tensorflow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to an input validation error that could be exploited by an attacker to build a TFLite model that leads to an integer overflow in the embedding lookup operation...

8.8CVSS5.6AI score0.01173EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16107 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.7.0 through 2.7.0 and versions prior to 2.8.0 Description: A GraphDef from a TensorFlow SavedModel can be maliciously altered to cause a TensorFlow process to crash due to encountering a StatusOr value that is an error a...

7.5CVSS7.3AI score0.00973EPSS
Exploits1References14
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google Tensorflow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the er optimizer in TensorFlow that can cause a denial of service by modifying the SavedModel so that issimplifiableshape will...

6.5CVSS5.6AI score0.012EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...

6.5CVSS5.7AI score0.01034EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16099 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...

6.5CVSS6.1AI score0.00783EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16081 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operatio...

7.1CVSS6.2AI score0.00469EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.3 views

PT-2022-16077 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions prior to 2.7.1 TensorFlow versions prior to 2.6.3 TensorFlow versions prior to 2.5.3 Description: An attacker can craft a TFLite model to cause a write outside the bounds of an array in...

8.8CVSS8.5AI score0.0054EPSS
Exploits0References11
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Google Tensorflow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, a U.S. company. Google Tensorflow has a security vulnerability that could be exploited by attackers to cause a memory leak...

4.3CVSS5.6AI score0.00716EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to create an operation that contains a tensor with enough elements to cause an integer overflow...

6.5CVSS5.7AI score0.00783EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.7 views

Google TensorFlow 数字错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A numerical error vulnerability exists in Google Tensorflow, which could be exploited by an attacker to create a TFLite model that triggers a division in the "BiasAndClamp" implementation. The...

6.5CVSS5.7AI score0.00757EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to build a TFLite model that allows limited reads and writes to the outside of arrays in TFLit...

8.8CVSS6AI score0.00837EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Google Tensorflow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a security vulnerability that can be exploited by an attacker to cause a denial of service by modifying SavedModel...

6.5CVSS5.7AI score0.00864EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.4 views

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is a set of end-to-end open source platform for machine learning from Google Google Inc. Google TensorFlow has a buffer overflow vulnerability, which stems from the fact that TensorFlow is vulnerable to heap OOB write attacks in er. No detailed vulnerability details are currentl...

8.8CVSS6AI score0.00924EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.5 views

PT-2022-16074 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 TensorFlow versions 2.6.0 through 2.6.2 TensorFlow versions 2.5.0 through 2.5.2 Description: An attacker can craft a TFLite model that would cause an integer overflow ...

8.8CVSS8.7AI score0.01173EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-16101 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 will be fixed in 2.7.1 TensorFlow versions 2.6.0 through 2.6.2 will be fixed in 2.6.3 TensorFlow versions 2.5.0 through 2.5.2 will be fixed in 2.5.3 Description: A...

7.6CVSS6.5AI score0.00725EPSS
Exploits1References12
NVD
NVD
added 2022/02/03 3:15 p.m.31 views

CVE-2022-21740

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...

8.8CVSS0.00788EPSS
Exploits1References4
Rows per page
Query Builder