CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

vulnersOsv•added 2022/02/03 3:15 p.m.•2 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-21741 via tensorflow-cpu (>=1.15.0 <=2.4.4)

vulnersOsv•added 2022/02/03 3:15 p.m.•2 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21741 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21741 Source advisory: OSV:PYSEC-2022-120...

Prion•added 2022/02/03 3:15 p.m.•17 views

Stack overflow

Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...

5CVSS6.5AI score0.00808EPSS

Prion•added 2022/02/03 3:15 p.m.•10 views

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...

6.5CVSS8.6AI score0.00776EPSS

OSV•added 2022/02/03 3:15 p.m.•2 views

PYSEC-2022-120

6.5CVSS6.6AI score0.00808EPSS

Exploits1References3

PyPA•added 2022/02/03 3:15 p.m.•5 views

PYSEC-2022-65

6.5CVSS6.9AI score0.00808EPSS

PyPA•added 2022/02/03 3:15 p.m.•4 views

PYSEC-2022-64

8.8CVSS7.1AI score0.00776EPSS

PyPA•added 2022/02/03 3:15 p.m.•5 views

PYSEC-2022-120

6.5CVSS6.9AI score0.00808EPSS

PyPA•added 2022/02/03 3:15 p.m.•5 views

PYSEC-2022-119

8.8CVSS7.1AI score0.00776EPSS

OSV•added 2022/02/03 3:15 p.m.•2 views

PYSEC-2022-119

8.8CVSS6AI score0.00776EPSS

Exploits1References4

OSV•added 2022/02/03 3:15 p.m.•21 views

PYSEC-2022-64

8.8CVSS2.6AI score0.00776EPSS

Exploits1References4

vulnersOsv•added 2022/02/03 3:15 p.m.•5 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-21741 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21741 Source advisory: OSV:PYSEC-2022-120...

OSV•added 2022/02/03 3:15 p.m.•14 views

PYSEC-2022-65

6.5CVSS2.5AI score0.00808EPSS

Exploits1References3

Cvelist•added 2022/02/03 2:30 p.m.•31 views

CVE-2022-21740 Heap overflow in Tensorflow

7.6CVSS8.9AI score0.00776EPSS

Exploits1References4

CVE•added 2022/02/03 2:30 p.m.•143 views

CVE-2022-21740

CVE-2022-21740 concerns TensorFlow’s SparseCountSparseOutput, where the vulnerability is a heap-based overflow in that operation. The issue arises from improper bounds checking in the SparseCountSparseOutput path, enabling heap overflow and potential arbitrary-code execution on affected systems. ...

8.8CVSS8AI score0.00776EPSS

Debian CVE•added 2022/02/03 2:30 p.m.•3 views

CVE-2022-21740

8.8CVSS7.1AI score0.00776EPSS

OSV•added 2022/02/03 2:30 p.m.•23 views

CVE-2022-21740 Heap overflow in Tensorflow

7.6CVSS8.6AI score0.00776EPSS

Exploits1References6

CVE•added 2022/02/03 2:27 p.m.•127 views

CVE-2022-21741

TensorFlow’s CVE-2022-21741 affects TFLite depthwise convolutions where a division by zero can occur due to user-controlled convolution parameters and no positivity check before division. The issue enables a potential denial of service via crafted models. The fix is planned for TensorFlow 2.8.0, ...