|
210041
|
8.6 |
HIGH
Network
|
google
|
tensorflow
|
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. U…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15212
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210042
|
4.8 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set o…
|
-
|
CVE-2020-15211
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210043
|
5.9 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by chang…
|
-
|
CVE-2020-15209
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210044
|
9.8 |
CRITICAL
Network
|
google
opensuse
|
tensorflow
leap
|
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation…
|
-
|
CVE-2020-15208
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210045
|
9.0 |
CRITICAL
Network
|
google
opensuse
|
tensorflow
leap
|
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. Ho…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15207
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210046
|
7.5 |
HIGH
Network
|
google
opensuse
|
tensorflow
leap
|
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corrup…
|
-
|
CVE-2020-15206
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210047
|
9.8 |
CRITICAL
Network
|
google
opensuse
|
tensorflow
leap
|
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap ov…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15205
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210048
|
5.3 |
MEDIUM
Network
|
google
opensuse
|
tensorflow
leap
|
In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling `tf.raw_ops.GetSessionHandle` or `tf.raw_ops.GetSessionHandleV2` results…
|
-
|
CVE-2020-15204
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210049
|
9.0 |
CRITICAL
Network
|
google
opensuse
|
tensorflow
leap
|
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However…
|
NVD-CWE-Other
|
CVE-2020-15202
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210050
|
4.8 |
MEDIUM
Network
|
google
|
tensorflow
|
In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15201
|
2024-11-21 14:05 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
