| CVE-2021-41223 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorF… |
| CVE-2021-41224 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of… |
| CVE-2021-41225 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the save… |
| CVE-2021-41226 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to a heap OOB access. This is because of missing validation betwe… |
| CVE-2021-41227 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because th… |
| CVE-2021-41228 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's `saved_model_cli` tool is vulnerable to a code injection as it calls `eval` on user supplied strings. Thi… |
| CVE-2020-15266 |
medium |
— |
5.5 |
|
|
|
6y ago |
In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. Atte… |
| CVE-2020-15265 |
medium |
— |
5.5 |
|
|
|
6y ago |
In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tens… |
| CVE-2023-33976 |
unknown |
— |
— |
|
|
|
2y ago |
TensorFlow has segfault in array_ops.upper_bound |
| CVE-2023-25661 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow Denial of Service vulnerability |
| CVE-2023-25659 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch |
| CVE-2023-25660 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print` |
| CVE-2023-25662 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and … |
| CVE-2023-25663 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer.… |
| CVE-2023-25664 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. |
| CVE-2023-25665 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error… |
| CVE-2023-25666 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has Floating Point Exception in AudioSpectrogram |
| CVE-2023-25667 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow vulnerable to segfault when opening multiframe gif |
| CVE-2023-25668 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation |
| CVE-2023-25669 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA |
| CVE-2023-25670 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in … |
| CVE-2023-25671 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has segmentation fault in tfg-translate |
| CVE-2023-25672 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has Null Pointer Error in LookupTableImportV2 |
| CVE-2023-25673 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.… |
| CVE-2023-25674 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable |
| CVE-2023-25675 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has Segfault in Bincount with XLA |
| CVE-2023-25676 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parame… |
| CVE-2023-25801 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow has double free in Fractional(Max/Avg)Pool |
| CVE-2023-27579 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. This issue has been patched in v… |
| CVE-2023-25658 |
unknown |
— |
— |
|
|
|
3y ago |
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. |
| CVE-2022-41880 |
unknown |
— |
— |
|
|
|
4y ago |
Tensorflow vulnerable to Out-of-Bounds Read |
| CVE-2022-41911 |
unknown |
— |
— |
|
|
|
4y ago |
Invalid char to bool conversion when printing a tensor |
| CVE-2022-41910 |
unknown |
— |
— |
|
|
|
4y ago |
Heap overflow in `QuantizeAndDequantizeV2` |
| CVE-2022-41909 |
unknown |
— |
— |
|
|
|
4y ago |
Segfault in `CompositeTensorVariantToComponents` |
| CVE-2022-41908 |
unknown |
— |
— |
|
|
|
4y ago |
`CHECK` fail via inputs in `PyFunc` |
| CVE-2022-41907 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821a… |
| CVE-2022-41902 |
unknown |
— |
— |
|
|
|
4y ago |
Out of bounds write in grappler in Tensorflow |
| CVE-2022-41901 |
unknown |
— |
— |
|
|
|
4y ago |
`CHECK_EQ` fail via input in `SparseMatrixNNZ` |
| CVE-2022-41900 |
unknown |
— |
— |
|
|
|
4y ago |
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess |
| CVE-2022-41899 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data` not of rank 2 will trigger a `CHECK` fail in `SdcaOptimizer`. We have patched the issue in … |
| CVE-2022-41898 |
unknown |
— |
— |
|
|
|
4y ago |
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad` |
| CVE-2022-41897 |
unknown |
— |
— |
|
|
|
4y ago |
`FractionalMaxPoolGrad` Heap out of bounds read |
| CVE-2022-41896 |
unknown |
— |
— |
|
|
|
4y ago |
`tf.raw_ops.Mfcc` crashes |
| CVE-2022-41895 |
unknown |
— |
— |
|
|
|
4y ago |
`MirrorPadGrad` heap out of bounds read |
| CVE-2022-41894 |
unknown |
— |
— |
|
|
|
4y ago |
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite |
| CVE-2022-41893 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListResize` is given a nonscalar value for input `size`, it results `CHECK` fail which can be used to trigger a denial… |
| CVE-2022-41891 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListConcat` is given `element_shape=[]`, it results segmentation fault which can be used to trigger a denial of servic… |
| CVE-2022-41890 |
unknown |
— |
— |
|
|
|
4y ago |
`CHECK` fail in `BCast` overflow |
| CVE-2022-41889 |
unknown |
— |
— |
|
|
|
4y ago |
Segfault via invalid attributes in `pywrap_tfe_src.cc` |
| CVE-2022-41888 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. When running on GPU, `tf.image.generate_bounding_box_proposals` receives a `scores` input that must be of rank 4 but is not checked. We hav… |
| CVE-2022-41887 |
unknown |
— |
— |
|
|
|
4y ago |
Overflow in `tf.keras.losses.poisson` |
| CVE-2022-41886 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ImageProjectiveTransformV2` is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6e… |
| CVE-2022-41885 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.FusedResizeAndPadConv2D` is given a large tensor shape, it overflows. We have patched the issue in GitHub commit d66e1d568… |
| CVE-2022-41884 |
unknown |
— |
— |
|
|
|
4y ago |
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs |
| CVE-2022-41883 |
unknown |
— |
— |
|
|
|
4y ago |
Out of bounds segmentation fault due to unequal op inputs in Tensorflow |
| CVE-2022-35983 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices` |
| CVE-2022-35984 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal` |
| CVE-2022-35985 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `LRNGrad` |
| CVE-2022-35986 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `RaggedBincount` |
| CVE-2022-35988 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank` |
| CVE-2022-35989 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `MaxPool` |
| CVE-2022-35982 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `SparseBincount` is given inputs for `indices`, `values`, and `dense_shape` that do not make a valid sparse tensor, it results in a segf… |
| CVE-2022-35981 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad` |
| CVE-2022-35979 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `QuantizedRelu` and `QuantizedRelu6` |
| CVE-2022-35974 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange` |
| CVE-2022-35973 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `QuantizedMatMul` is given nonscalar input for: `min_a`, `max_a`, `min_b`, or `max_b` It gives a segfault that can be used to trigger a … |
| CVE-2022-35972 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `QuantizedBiasAdd` is given `min_input`, `max_input`, `min_bias`, `max_bias` tensors of a nonzero rank, it results in a segfault that ca… |
| CVE-2022-35971 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars` |
| CVE-2022-35970 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `QuantizedInstanceNorm` |
| CVE-2022-35969 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput` |
| CVE-2022-35968 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. The implementation of `AvgPoolGrad` does not fully validate the input `orig_input_shape`. This results in a `CHECK` failure which can be us… |
| CVE-2022-35967 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `QuantizedAdd` |
| CVE-2022-35966 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. If `QuantizedAvgPool` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a… |
| CVE-2022-35990 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient` |
| CVE-2022-35991 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` |
| CVE-2022-35965 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound` |
| CVE-2022-35992 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `TensorListFromTensor` |
| CVE-2022-35993 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `SetSize` |
| CVE-2022-35964 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `BlockLSTMGradV2` |
| CVE-2022-35963 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad` |
| CVE-2022-35952 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` failures in `UnbatchGradOp` |
| CVE-2022-35940 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to Int overflow in `RaggedRangeOp` |
| CVE-2022-35994 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `CollectiveGather` |
| CVE-2022-35960 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation |
| CVE-2022-35996 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to floating point exception in `Conv2D` |
| CVE-2022-35959 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad` |
| CVE-2022-35998 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `EmptyTensorList` |
| CVE-2022-36000 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to null dereference on MLIR on empty function attributes |
| CVE-2022-36001 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `DrawBoundingBoxes` |
| CVE-2022-36002 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `Unbatch` |
| CVE-2022-36013 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` |
| CVE-2022-36011 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to null dereference on MLIR on empty function attributes |
| CVE-2022-36017 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to segfault in `Requantize` |
| CVE-2022-36003 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2` |
| CVE-2022-36005 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsGradient` |
| CVE-2022-35995 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `AudioSummaryV2` |
| CVE-2022-36004 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK` fail in `tf.random.gamma` |
| CVE-2022-36016 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` |
| CVE-2022-36014 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow is an open source platform for machine learning. When `mlir::tfg::TFOp::nameAttr` receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e… |
| CVE-2022-36015 |
unknown |
— |
— |
|
|
|
4y ago |
TensorFlow vulnerable to integer overflow in math ops |
