Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google tensorflow vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2021-37690
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions (such as `MutableHashTableShape`) produce extra output information in the form of a `ShapeAndType` struct. The shapes embedded in this struct a...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37691
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b810...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
320
VMScore
CVE-2021-37664
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37668
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using `tf.raw_ops.UnravelIndex` by triggering a division by 0. The [implementation](https://github.com/tensorflow/ten...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37645
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37653
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in `tf.raw_ops.ResourceGather`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
409
VMScore
CVE-2021-37662
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature` and similar attack can occur in `BoostedTreesCalculateBestFeatu...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
409
VMScore
CVE-2021-37666
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/4...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37680
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of fully connected layers in TFLite is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/te...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37683
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is [vulnerable to a division by 0 error](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/ker...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »