AI Threat Alert
AI Component
Inference
Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.
535
Total CVEs
27
Pages
Page 2 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2020-15200 | TensorFlow: heap overflow in RaggedCountSparseOutput DoS | tensorflow | 5.9 |
| MEDIUM | CVE-2020-15201 | TensorFlow: heap overflow in ragged tensor ops | tensorflow | 4.8 |
| CRITICAL | CVE-2020-15202 | TensorFlow: Shard API int truncation enables memory corruption | tensorflow | 9.0 |
| HIGH | CVE-2020-15203 | TensorFlow: format string DoS in strings.as_string | tensorflow | 7.5 |
| MEDIUM | CVE-2020-15204 | TensorFlow: null ptr deref DoS in eager mode ops | tensorflow | 5.3 |
| CRITICAL | CVE-2020-15205 | TensorFlow: heap overflow in StringNGrams, ASLR bypass | tensorflow | 9.8 |
| HIGH | CVE-2020-15206 | TensorFlow: SavedModel protobuf DoS in inference serving | tensorflow | 7.5 |
| CRITICAL | CVE-2020-15207 | TFLite: OOB write via unchecked negative axis index | tensorflow | 9.0 |
| CRITICAL | CVE-2020-15208 | TFLite: OOB read/write via tensor dimension mismatch | tensorflow | 9.8 |
| MEDIUM | CVE-2020-15209 | TensorFlow Lite: null ptr deref crashes model inference | tensorflow | 5.9 |
| MEDIUM | CVE-2020-15210 | TensorFlow Lite: memory corruption via aliased tensors | tensorflow | 6.5 |
| MEDIUM | CVE-2020-15211 | TensorFlow Lite: heap OOB RW via flatbuffer tensor index | tensorflow | 4.8 |
| HIGH | CVE-2020-15212 | TensorFlow Lite: heap OOB write via segment sum op | tensorflow | 8.6 |
| MEDIUM | CVE-2020-15213 | TensorFlow Lite: OOM DoS via crafted segment sum model | tensorflow | 4.0 |
| HIGH | CVE-2020-15214 | TensorFlow Lite: OOB write in segment sum, memory corruption risk | tensorflow | 8.1 |
| HIGH | CVE-2020-15265 | TensorFlow: OOB read DoS via invalid quantize axis | tensorflow | 7.5 |
| HIGH | CVE-2020-15266 | TensorFlow: NaN-triggered DoS in crop_and_resize op | tensorflow | 7.5 |
| MEDIUM | CVE-2020-26266 | TensorFlow: uninitialized memory read via crafted SavedModel | tensorflow | 5.3 |
| HIGH | CVE-2020-26267 | TensorFlow: OOB read in DataFormatVecPermute op | tensorflow | 7.8 |
| LOW | CVE-2020-26270 | TensorFlow: DoS via zero-length input to LSTM/GRU on CUDA | tensorflow | 3.3 |