Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tensorflow vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-37691
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b810...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.1
CVSSv3
CVE-2021-37635
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37638
TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior. The [implementation](https://github.com/tensorflow/tens...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37661
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in `boosted_trees_create_quantile_stream_resource` by using negative arguments. The [implementation](https://github.com/tensorflow/tensorflow/blob...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37662
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature` and similar attack can occur in `BoostedTreesCalculateBestFeatu...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.1
CVSSv3
CVE-2021-37664
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37663
TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap ...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
7.8
CVSSv3
CVE-2021-37671
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.Map*` and `tf.raw_ops.OrderedMap*` operations. The [implementation](https://github.com/tenso...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
5.5
CVSSv3
CVE-2021-37672
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `tf.raw_ops.SdcaOptimizerV2`. The [implementation](https://github.com/t...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
8.8
CVSSv3
CVE-2021-37678
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/tensorflow/tensorflow/blo...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »