Vulnerabilities > Google > Tensorflow > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-14 CVE-2021-29610 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-787
7.8
2021-05-14 CVE-2021-29612 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-787
7.8
2021-05-14 CVE-2021-29613 Out-of-bounds Read vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-125
7.1
2021-05-14 CVE-2021-29614 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-787
7.8
2021-05-14 CVE-2021-29616 NULL Pointer Dereference vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-476
7.8
2021-05-14 CVE-2021-29512 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-787
7.8
2020-12-10 CVE-2020-26269 Out-of-bounds Read vulnerability in Google Tensorflow 2.4.0
In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories.
network
low complexity
google CWE-125
7.5
2020-12-10 CVE-2020-26267 Out-of-bounds Read vulnerability in Google Tensorflow
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes.
local
low complexity
google CWE-125
7.8
2020-10-21 CVE-2020-15266 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow
In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value.
network
low complexity
google CWE-119
7.5
2020-10-21 CVE-2020-15265 Unspecified vulnerability in Google Tensorflow
In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`.
network
low complexity
google
7.5