CVEs from 2021
Total
4,807
critical
critical 280
high
high 1,018
medium
medium 1,175
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29614 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.io.decode_raw` produces incorrect results and crashes the Python interpreter when combining `fixed_len… | |||
| CVE-2021-29613 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in T… | |||
| CVE-2021-29612 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of `tf.raw_ops.BandedTriangularSolve`. The implementation… | |||
| CVE-2021-29611 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseReshape` results in a denial of service based on a `CHECK`-failure. The implementation(https://g… | |||
| CVE-2021-29610 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument:. The validation(https://github… | |||
| CVE-2021-29609 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) a… | |||
| CVE-2021-29608 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit an undefined behavior if input arguments… | |||
| CVE-2021-29606 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/… | |||
| CVE-2021-29605 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating `TFLiteIntArray`s is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensor… | |||
| CVE-2021-29604 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow… | |||
| CVE-2021-29603 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of `ArgMin`/`ArgMax`(https://gi… | |||
| CVE-2021-29602 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflo… | |||
| CVE-2021-29601 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/b… | |||
| CVE-2021-29600 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `OneHot` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tenso… | |||
| CVE-2021-29599 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `Split` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensor… | |||
| CVE-2021-29598 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SVDF` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorf… | |||
| CVE-2021-29597 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensor… | |||
| CVE-2021-29596 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `EmbeddingLookup` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorf… | |||
| CVE-2021-29595 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow… | |||
| CVE-2021-29594 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution code(https://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite… | |||
| CVE-2021-29593 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorfl… | |||
| CVE-2021-29592 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209) missed the case when the target shape … | |||
| CVE-2021-29591 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that… | |||
| CVE-2021-29590 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated… | |||
| CVE-2021-29589 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tens… | |||
| CVE-2021-29588 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the `TransposeConv` TFLite operator is [vulnerable to a division by zero error](https://github.c… | |||
| CVE-2021-29587 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division(https://github.com/tensorflow/tens… | |||
| CVE-2021-29586 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling `ComputePaddingHeig… | |||
| CVE-2021-29585 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, `ComputeOutSize`(https://github.com/tensorflow/tensorflow/blob/0c9692ae… | |||
| CVE-2021-29584 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in caused by an integer overflow in constructing a new tensor sha… | |||
| CVE-2021-29583 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same im… | |||
| CVE-2021-29582 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.Dequantize`, an attacker can trigger a read from outside of bounds of heap allocated da… | |||
| CVE-2021-29581 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation fault… | |||
| CVE-2021-29580 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior if one of the input tensors is empty. Th… | |||
| CVE-2021-29579 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/te… | |||
| CVE-2021-29578 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://git… | |||
| CVE-2021-29577 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/… | |||
| CVE-2021-29576 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.… | |||
| CVE-2021-29575 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service. The im… | |||
| CVE-2021-29574 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker… | |||
| CVE-2021-29573 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation(https://github.com… | |||
| CVE-2021-29572 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementa… | |||
| CVE-2021-29571 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |||
| CVE-2021-29570 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |||
| CVE-2021-29569 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |||
| CVE-2021-29568 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is beca… | |||
| CVE-2021-29567 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or ac… | |||
| CVE-2021-29566 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackprop… | |||
| CVE-2021-29565 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of… | |||
| CVE-2021-29564 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the imple… | |||
| CVE-2021-29563 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. E… | |||
| CVE-2021-29562 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. … | |||
| CVE-2021-29561 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from `tf.raw_ops.LoadAndRemapMatrix`. This is b… | |||
| CVE-2021-29560 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://gi… | |||
| CVE-2021-29559 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the impleme… | |||
| CVE-2021-29558 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is because the implementation(https://github.com/… | |||
| CVE-2021-29557 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in… | |||
| CVE-2021-29556 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(ht… | |||
| CVE-2021-29555 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`. This is because the implementa… | |||
| CVE-2021-29554 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the im… | |||
| CVE-2021-29553 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because th… | |||
| CVE-2021-29552 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`.… | |||
| CVE-2021-29551 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16… | |||
| CVE-2021-29550 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because … | |||
| CVE-2021-29549 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… | |||
| CVE-2021-29548 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… | |||
| CVE-2021-29547 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWit… | |||
| CVE-2021-29546 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the imp… | |||
| CVE-2021-29545 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is beca… | |||
| CVE-2021-29544 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the … | |||
| CVE-2021-29543 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementat… | |||
| CVE-2021-29542 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the impleme… | |||
| CVE-2021-29541 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation(https:/… | |||
| CVE-2021-29540 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://gith… | |||
| CVE-2021-29539 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.… | |||
| CVE-2021-29538 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.c… | |||
| CVE-2021-29537 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization.… | |||
| CVE-2021-29536 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This i… | |||
| CVE-2021-29535 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid thresholds for the quantization. This is be… | |||
| CVE-2021-29534 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation(… | |||
| CVE-2021-29533 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty image to `tf.raw_ops.DrawBoundingBoxes`. T… | |||
| CVE-2021-29532 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.Ra… | |||
| CVE-2021-29531 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the… | |||
| CVE-2021-29530 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholes… | |||
| CVE-2021-29529 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear` by manipulating input values so that floa… | |||
| CVE-2021-29528 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedMul`. This is because the implementation(https://github.com/tens… | |||
| CVE-2021-29527 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because the implementation(https://github.com/t… | |||
| CVE-2021-29526 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the implementation(https://github.com/tensorflow… | |||
| CVE-2021-29525 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is because the implementation(https://github.c… | |||
| CVE-2021-29524 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is because the implementation(https://github.… | |||
| CVE-2021-29523 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the im… | |||
| CVE-2021-29522 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in… | |||
| CVE-2021-29521 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from … | |||
| CVE-2021-29520 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is bec… | |||
| CVE-2021-29519 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a `CHECK`-failure and denial of service. This is b… | |||
| CVE-2021-29518 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), session operations are invalid. However, users could still call the raw ops associa… | |||
| CVE-2021-29517 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation(https://github.com/tensorflow/tens… | |||
| CVE-2021-29516 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer derefere… | |||
| CVE-2021-29515 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c… | |||
| CVE-2021-29514 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/… |