Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tensorflow vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-37669
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using `tf.raw_ops.NonMaxSuppressionV5` by triggering a division by 0. The [implementation](https://github.com/tensorf...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37672
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `tf.raw_ops.SdcaOptimizerV2`. The [implementation](https://github.com/t...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37677
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for `tf.raw_ops.Dequantize` has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inferenc...
Google Tensorflow
Google Tensorflow 2.6.0
Google Tensorflow 2.5.0
7.8
CVSSv3
CVE-2021-37679
TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a `tf.map_fn` within another `tf.map_fn` call. However, if the input tensor is a `RaggedTensor` and there is no function signature provided, code assumes the output ...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37684
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. We have patched the issue in GitHub commit [dfa22b348b70bb8...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37685
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`expand_dims.cc`](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerabi...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37686
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementation in TFLite has a logic bug which can allow an malicious user to trigger an infinite loop. This arises from newly introduced support for [ellipsis in axis de...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37687
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`GatherNd` implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37689
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of `L2Norma...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37644
TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements` list argument of `tf.raw_ops.TensorListReserve` causes the runtime to abort the process due to reallocating a `std::vector` to have a negativ...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »