Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2021-29565 TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of ... | 2.5 | LOW | — | 0 |
| CVE-2021-29566 TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackpropI... | 2.5 | LOW | — | 0 |
| CVE-2021-29567 TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or acc... | 2.5 | LOW | — | 0 |
| CVE-2021-29568 TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is becau... | 2.5 | LOW | — | 0 |
| CVE-2021-29569 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker sup... | 2.5 | LOW | — | 0 |
| CVE-2021-29570 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker sup... | 2.5 | LOW | — | 0 |
| CVE-2021-29571 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker sup... | 4.5 | MEDIUM | — | 0 |
| CVE-2021-29572 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementat... | 2.5 | LOW | — | 0 |
| CVE-2021-29573 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation(https://github.com/... | 2.5 | LOW | — | 0 |
| CVE-2021-29574 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker-... | 2.5 | LOW | — | 0 |
| CVE-2021-29575 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service. The imp... | 2.5 | LOW | — | 0 |
| CVE-2021-29576 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.c... | 2.5 | LOW | — | 0 |
| CVE-2021-29577 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/t... | 2.5 | LOW | — | 0 |
| CVE-2021-29578 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://gith... | 2.5 | LOW | — | 0 |
| CVE-2021-29579 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/ten... | 2.5 | LOW | — | 0 |
| CVE-2021-29580 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior if one of the input tensors is empty. The... | 2.5 | LOW | — | 0 |
| CVE-2021-29581 TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation faults... | 2.5 | LOW | — | 0 |
| CVE-2021-29582 TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.Dequantize`, an attacker can trigger a read from outside of bounds of heap allocated dat... | 2.5 | LOW | — | 0 |
| CVE-2021-29583 TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same imp... | 2.5 | LOW | — | 0 |
| CVE-2021-29584 TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in caused by an integer overflow in constructing a new tensor shap... | 2.5 | LOW | — | 0 |
| CVE-2021-29585 TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, `ComputeOutSize`(https://github.com/tensorflow/tensorflow/blob/0c9692ae7... | 2.5 | LOW | — | 0 |
| CVE-2021-29586 TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling `ComputePaddingHeigh... | 2.5 | LOW | — | 0 |
| CVE-2021-29587 TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division(https://github.com/tensorflow/tenso... | 2.5 | LOW | — | 0 |
| CVE-2021-29588 TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the `TransposeConv` TFLite operator is [vulnerable to a division by zero error](https://github.co... | 2.5 | LOW | — | 0 |
| CVE-2021-29589 TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tenso... | 2.5 | LOW | — | 0 |
| CVE-2021-29590 TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated ... | 2.5 | LOW | — | 0 |
| CVE-2021-29591 TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that ... | 7.3 | HIGH | — | 0 |
| CVE-2019-25044 The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related ... | 7.8 | HIGH | — | 0 |
| CVE-2021-29592 TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209) missed the case when the target shape o... | 4.4 | MEDIUM | — | 0 |
| CVE-2021-29593 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflo... | 2.5 | LOW | — | 0 |
| CVE-2021-29594 TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution code(https://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/... | 2.5 | LOW | — | 0 |
| CVE-2021-29595 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/... | 2.5 | LOW | — | 0 |
| CVE-2021-29596 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `EmbeddingLookup` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorfl... | 2.5 | LOW | — | 0 |
| CVE-2021-29597 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorf... | 2.5 | LOW | — | 0 |
| CVE-2021-29598 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SVDF` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorfl... | 2.5 | LOW | — | 0 |
| CVE-2021-29599 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `Split` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorf... | 2.5 | LOW | — | 0 |
| CVE-2020-19467 An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an Illegal Use After Free . | 5.5 | MEDIUM | — | 0 |
| CVE-2021-29600 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `OneHot` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensor... | 2.5 | LOW | — | 0 |
| CVE-2021-29601 TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/bl... | 6.3 | MEDIUM | — | 0 |
| CVE-2021-29602 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow... | 2.5 | LOW | — | 0 |
| CVE-2021-29603 TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of `ArgMin`/`ArgMax`(https://git... | 2.5 | LOW | — | 0 |
| CVE-2021-29604 TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/... | 2.5 | LOW | — | 0 |
| CVE-2021-29605 TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating `TFLiteIntArray`s is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorf... | 7.1 | HIGH | — | 0 |
| CVE-2021-29606 TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/t... | 7.1 | HIGH | — | 0 |
| CVE-2021-29607 TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as... | 5.3 | MEDIUM | — | 0 |
| CVE-2021-29608 TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit an undefined behavior if input arguments ... | 5.3 | MEDIUM | — | 0 |
| CVE-2021-29609 TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as... | 5.3 | MEDIUM | — | 0 |
| CVE-2021-29610 TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument:. The validation(https://github.... | 3.6 | LOW | — | 0 |
| CVE-2021-29611 TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseReshape` results in a denial of service based on a `CHECK`-failure. The implementation(https://gi... | 3.6 | LOW | — | 0 |
| CVE-2021-29612 TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of `tf.raw_ops.BandedTriangularSolve`. The implementation(... | 3.6 | LOW | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.