Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tensorflow vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-29203
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer o...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29204
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denia...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29205
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don't yet have support for quantized types, which was added...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29206
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel exe...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29207
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.1
CVSSv3
CVE-2022-29208
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multip...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29209
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have an incorrect logic when comparing `size_t` and `int` values. Due to type ...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29212
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale ...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
5.5
CVSSv3
CVE-2022-29213
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain condition can result in crashes (due to `CHECK`-failures). Versi...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.8
CVSSv3
CVE-2022-29216
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reas...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »