14329 matches found
PT-2022-16087 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 TensorFlow versions 2.6.0 through 2.6.3 Description: When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable argumen...
PT-2022-16106 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow can trigger a null pointer dereference unde...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow that could be exploited to trigger a denial of service by changing the SavedModel on disk...
Google TensorFlow 代码问题漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a code issue vulnerability that stems from TensorFlow's grappler component that can trigger null pointer dereferences. No detailed vulnerability details are available at th...
Google Tensorflow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to an input validation error that could be exploited by an attacker to build a TFLite model that leads to an integer overflow in the embedding lookup operation...
PT-2022-16107 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.7.0 through 2.7.0 and versions prior to 2.8.0 Description: A GraphDef from a TensorFlow SavedModel can be maliciously altered to cause a TensorFlow process to crash due to encountering a StatusOr value that is an error a...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the er optimizer in TensorFlow that can cause a denial of service by modifying the SavedModel so that issimplifiableshape will...
Google TensorFlow 代码问题漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...
PT-2022-16099 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
PT-2022-16081 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operatio...
PT-2022-16077 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions prior to 2.7.1 TensorFlow versions prior to 2.6.3 TensorFlow versions prior to 2.5.3 Description: An attacker can craft a TFLite model to cause a write outside the bounds of an array in...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, a U.S. company. Google Tensorflow has a security vulnerability that could be exploited by attackers to cause a memory leak...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to create an operation that contains a tensor with enough elements to cause an integer overflow...
Google TensorFlow 数字错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A numerical error vulnerability exists in Google Tensorflow, which could be exploited by an attacker to create a TFLite model that triggers a division in the "BiasAndClamp" implementation. The...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to build a TFLite model that allows limited reads and writes to the outside of arrays in TFLit...
Google Tensorflow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a security vulnerability that can be exploited by an attacker to cause a denial of service by modifying SavedModel...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a set of end-to-end open source platform for machine learning from Google Google Inc. Google TensorFlow has a buffer overflow vulnerability, which stems from the fact that TensorFlow is vulnerable to heap OOB write attacks in er. No detailed vulnerability details are currentl...
PT-2022-16074 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 TensorFlow versions 2.6.0 through 2.6.2 TensorFlow versions 2.5.0 through 2.5.2 Description: An attacker can craft a TFLite model that would cause an integer overflow ...
PT-2022-16101 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 will be fixed in 2.7.1 TensorFlow versions 2.6.0 through 2.6.2 will be fixed in 2.6.3 TensorFlow versions 2.5.0 through 2.5.2 will be fixed in 2.5.3 Description: A...
CVE-2022-21740
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...