Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tensorflow vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-37654
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a `CHECK`-fail in debug builds of TensorFlow using `tf.raw_ops.ResourceGather` or a read from outside the bounds of heap allocated data in the same API ...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37656
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToSparse`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f2...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37660
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The [implementation](https://github.com/tensorfl...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37662
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature` and similar attack can occur in `BoostedTreesCalculateBestFeatu...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37666
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/4...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37667
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.UnicodeEncode`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37686
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementation in TFLite has a logic bug which can allow an malicious user to trigger an infinite loop. This arises from newly introduced support for [ellipsis in axis de...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37691
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b810...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.1
CVSSv3
CVE-2021-37664
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37689
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of `L2Norma...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »