Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14326 matches found

Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.5 views

CVE-2022-23586 Multiple `CHECK`-fails in `function.cc` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...

6.5CVSS6.4AI score0.00788EPSS
Exploits1References4
OSV
OSVadded 2022/02/04 10:32 p.m.18 views

CVE-2022-23586 Multiple `CHECK`-fails in `function.cc` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...

6.5CVSS6.3AI score0.00788EPSS
Exploits1References6
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.5 views

CVE-2022-23586

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...

6.5CVSS6.8AI score0.00788EPSS
Exploits1
CVE
CVEadded 2022/02/04 10:32 p.m.120 views

CVE-2022-23583

TensorFlow vulnerability CVE-2022-23583: a type confusion caused by modifying the SavedModel’s tensor protobufs can let a remote attacker trigger CHECK failures in templated binary operators, leading to a denial of service. Affected: various TF releases up to 2.8.x (and cherry-picks on 2.7.1, 2.6...

6.5CVSS6.4AI score0.00777EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.45 views

CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

6.5CVSS6.6AI score0.00777EPSS
Exploits1References3
OSV
OSVadded 2022/02/04 10:32 p.m.20 views

CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

6.5CVSS6.3AI score0.00777EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.4 views

CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

6.5CVSS6.3AI score0.00777EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23583

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

6.5CVSS6.8AI score0.00777EPSS
Exploits1
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.26 views

CVE-2022-23582 `CHECK`-failures in `TensorByteSize` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

6.5CVSS6.5AI score0.00771EPSS
Exploits1References3
CVE
CVEadded 2022/02/04 10:32 p.m.107 views

CVE-2022-23582

CVE-2022-23582 affects TensorFlow: a malicious SavedModel can trigger a denial of service via TensorByteSize CHECK failures caused by shape handling in TensorShape/PartialTensorShape (shape partials or large element counts). Root cause is TensorShape throwing on partial/large shapes; PartialTenso...

6.5CVSS6.4AI score0.00771EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2022/02/04 10:32 p.m.18 views

CVE-2022-23582 `CHECK`-failures in `TensorByteSize` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

6.5CVSS6.3AI score0.00771EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23584 Use after free in `DecodePng` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

7.6CVSS7.6AI score0.00714EPSS
Exploits1References3
Cvelist
Cvelistadded 2022/02/04 10:32 p.m.25 views

CVE-2022-23584 Use after free in `DecodePng` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

7.6CVSS7.8AI score0.00714EPSS
Exploits1References3
CVE
CVEadded 2022/02/04 10:32 p.m.104 views

CVE-2022-23584

TensorFlow PNG decoding contains a use-after-free in png::CommonFreeDecode(&decode) where, after the call, decode.width and decode.height are in an unspecified state. This TF vulnerability (CVE-2022-23584) affects the TensorFlow PNG decode path and can lead to memory corruption or crashes when de...

7.6CVSS6.8AI score0.00714EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVEadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23584

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

7.6CVSS7AI score0.00714EPSS
Exploits1
OSV
OSVadded 2022/02/04 10:32 p.m.31 views

CVE-2022-23584 Use after free in `DecodePng` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

7.6CVSS6.7AI score0.00714EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.4 views

CVE-2022-23592 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

8.1CVSS8AI score0.00845EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2022/02/04 10:32 p.m.3 views

CVE-2022-23587 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

8.8CVSS9.5AI score0.00874EPSS
Exploits1References3
CVE
CVEadded 2022/02/04 10:32 p.m.110 views

CVE-2022-23592

CVE-2022-23592 : TensorFlow’s type inference can trigger a heap out-of-bounds read when input_idx controls ix, risking access beyond node_t.args. This occurs because bounds checks run via DCHECK (no-op in production). The issue affects the TensorFlow release line noted as the only affected versio...

8.1CVSS7.8AI score0.00845EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2022/02/04 10:32 p.m.121 views

CVE-2022-23587

CVE-2022-23587 concerns TensorFlow, specifically the Grappler cost-estimator path. The vulnerability is an integer overflow in the cost estimation for crop and resize within Grappler, triggered by user-controlled cropping parameters, which can lead to undefined behavior. The patch is committed (c...

9.8CVSS9.2AI score0.00874EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder