Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14326 matches found

CVE
CVEadded 2022/02/04 10:32 p.m.124 views

CVE-2022-23558

CVE-2022-23558 describes an integer overflow in TensorFlow’s TFLite path: TfLiteIntArrayCreate alloc_size is derived from TfLiteIntArrayGetSizeInBytes(size), which returns an int instead of a size_t, enabling an attacker-controlled input to overflow computed_size. Affected: TensorFlow/TFLite mode...

8.8CVSS8.2AI score0.00799EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.43 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS9.1AI score0.00799EPSS
Exploits1References4
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.4 views

CVE-2022-23558

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

8.8CVSS7.3AI score0.00799EPSS
Exploits1
OSV
OSVadded 2022/02/04 10:32 p.m.24 views

CVE-2022-23558 Integer overflow in TFLite array creation

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

7.6CVSS8.7AI score0.00799EPSS
Exploits1References6
CVE
CVEadded 2022/02/04 10:32 p.m.150 views

CVE-2022-23570

CVE-2022-23570 concerns TensorFlow, where decoding a tensor from protobuf may trigger a null-dereference when attributes of mutable arguments are missing. The issue is guarded by a DCHECK, which is a no-op in production and triggers an assertion in debug builds, potentially leading to a crash. Th...

6.5CVSS6.6AI score0.00929EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.10 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.5AI score0.00929EPSS
Exploits1References3
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.26 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.7AI score0.00929EPSS
Exploits1References3
OSV
OSVadded 2022/02/04 10:32 p.m.29 views

CVE-2022-23570 Null-dereference in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

6.5CVSS6.4AI score0.00929EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.3AI score0.00462EPSS
Exploits0References2
CVE
CVEadded 2022/02/04 10:32 p.m.102 views

CVE-2022-23564

CVE-2022-23564 (TensorFlow) : The issue is a denial-of-service in TensorFlow caused by an invalidated CHECK assertion when decoding a resource handle tensor from protobuf, triggered by user-controlled arguments. Affected: TensorFlow (TF) processes; root cause is an assertion failure path during r...

6.5CVSS6.4AI score0.00462EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.32 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References2
OSV
OSVadded 2022/02/04 10:32 p.m.28 views

CVE-2022-23564 Reachable Assertion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.2AI score0.00462EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23564

Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow...

6.5CVSS6.8AI score0.00462EPSS
Exploits0
OSV
OSVadded 2022/02/04 10:32 p.m.16 views

CVE-2022-23565 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.3AI score0.00462EPSS
Exploits0References4
CVE
CVEadded 2022/02/04 10:32 p.m.117 views

CVE-2022-23565

CVE-2022-23565 : TensorFlow contains a denial-of-service risk caused by an assertion failure when a SavedModel on disk has duplicated AttrDef entries for an operation. The issue’s root cause is described across connected sources as a SavedModel mismatch that can trigger a crash under certain on-d...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.37 views

CVE-2022-23565 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.6AI score0.00462EPSS
Exploits0References2
CVE
CVEadded 2022/02/04 10:32 p.m.107 views

CVE-2022-23562

TensorFlow vulnerability CVE-2022-23562 concerns the Range implementation: integer overflows in Range can cause undefined behavior or extremely large allocations. Public notes indicate a fix will be included in TensorFlow 2.8.0, with cherry-picks to affected supported releases (2.7.1, 2.6.3, 2.5....

8.8CVSS8.1AI score0.00569EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.44 views

CVE-2022-23562 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

7.6CVSS9AI score0.00569EPSS
Exploits0References4
OSV
OSVadded 2022/02/04 10:32 p.m.23 views

CVE-2022-23562 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

7.6CVSS8.6AI score0.00569EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.2 views

CVE-2022-23562

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

8.8CVSS7AI score0.00569EPSS
Exploits0
Rows per page
Query Builder