Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2020-15202
In Tensorflow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32` argument...
Google Tensorflow
Opensuse Leap 15.2
5.3
CVSSv3
CVE-2020-15204
In eager mode, TensorFlow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling `tf.raw_ops.GetSessionHandle` or `tf.raw_ops.GetSessionHandleV2` results in a null pointer dereference In linked snippet, in eager mode, `ctx->session_state(...
Google Tensorflow
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2020-15206
In Tensorflow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using ...
Google Tensorflow
Opensuse Leap 15.2
9.8
CVSSv3
CVE-2020-15208
In tensorflow-lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious a...
Google Tensorflow
Opensuse Leap 15.2
4.8
CVSSv3
CVE-2020-15211
In TensorFlow Lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format u...
Google Tensorflow
Opensuse Leap 15.2
7.1
CVSSv3
CVE-2020-15193
In Tensorflow prior to 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users ...
Google Tensorflow 2.2.0
Google Tensorflow 2.3.0
Opensuse Leap 15.2
8.8
CVSSv3
CVE-2020-15195
In Tensorflow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an index outside of bounds of `grad_values`, thus resulting in a heap buffer overflow. The...
Google Tensorflow
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2020-15203
In Tensorflow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. This may resul...
Google Tensorflow
Opensuse Leap 15.2
9
CVSSv3
CVE-2020-15207
In tensorflow-lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debu...
Google Tensorflow
Opensuse Leap 15.2
6.5
CVSSv3
CVE-2020-15210
In tensorflow-lite prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d5...
Google Tensorflow
Opensuse Leap 15.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »