Google

Tensorflow

432 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-55559

Exploit
  • EPSS 0.02%
  • Published 25.09.2025 16:15:35
  • Last modified 03.10.2025 18:05:01

An issue was discovered TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.layers.Conv2D.

6.5

CVE-2025-55556

Exploit
  • EPSS 0.02%
  • Published 25.09.2025 16:15:34
  • Last modified 03.10.2025 18:08:04

TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application.

7.5

CVE-2025-0649

  • EPSS 0.02%
  • Published 06.05.2025 20:20:02
  • Last modified 31.07.2025 18:12:48

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.

7.5

CVE-2023-33976

  • EPSS 0.03%
  • Published 30.07.2024 20:15:03
  • Last modified 21.11.2024 08:06:19

TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.

6.5

CVE-2023-25661

Exploit
  • EPSS 0.12%
  • Published 27.03.2023 20:15:09
  • Last modified 21.11.2024 07:49:53

TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with...

7.5

CVE-2023-25676

  • EPSS 0.18%
  • Published 25.03.2023 00:15:08
  • Last modified 21.11.2024 07:49:55

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero...

7.8

CVE-2023-25801

  • EPSS 0.08%
  • Published 25.03.2023 00:15:08
  • Last modified 21.11.2024 07:50:13

TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1...

7.5

CVE-2023-27579

  • EPSS 0.16%
  • Published 25.03.2023 00:15:08
  • Last modified 21.11.2024 07:53:11

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fi...

7.5

CVE-2023-25658

  • EPSS 0.04%
  • Published 25.03.2023 00:15:07
  • Last modified 21.11.2024 07:49:53

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.

7.5

CVE-2023-25659

  • EPSS 0.15%
  • Published 25.03.2023 00:15:07
  • Last modified 21.11.2024 07:49:53

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. A fix is included in T...