Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google tensorflow vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-29213
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain condition can result in crashes (due to `CHECK`-failures). Versi...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.8
CVSSv3
CVE-2022-29216
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reas...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.1
CVSSv3
CVE-2022-29208
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multip...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.8
CVSSv3
CVE-2021-37638
TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior. The [implementation](https://github.com/tensorflow/tens...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37661
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in `boosted_trees_create_quantile_stream_resource` by using negative arguments. The [implementation](https://github.com/tensorflow/tensorflow/blob...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.1
CVSSv3
CVE-2021-37664
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37676
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.SparseFillEmptyRows`. The shape inference [implementation](https://github.com/tensorflow/ten...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
8.8
CVSSv3
CVE-2021-37678
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/tensorflow/tensorflow/blo...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
1 Github repository
7.1
CVSSv3
CVE-2021-37682
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. [For example](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tens...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37683
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is [vulnerable to a division by 0 error](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/ker...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »