AI Threat Alert
AI Component
Inference
Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.
535
Total CVEs
27
Pages
Page 7 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2021-29618 | TensorFlow: DoS crash via tf.transpose complex+conjugate | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29619 | TensorFlow: DoS via invalid SparseCount op args | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37640 | TensorFlow: SparseReshape div-by-zero crashes ML pipelines | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37642 | TensorFlow: ResourceScatterDiv div-by-zero enables DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37653 | TensorFlow: DoS via divide-by-zero in ResourceGather op | tensorflow | 5.5 |
| HIGH | CVE-2021-37638 | TensorFlow: null ptr deref in RaggedTensorToTensor op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37647 | TensorFlow: null deref in SparseTensor ops causes DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37649 | TensorFlow: null ptr deref crashes inference via bad tensor | tensorflow | 5.5 |
| HIGH | CVE-2021-37641 | TensorFlow: RaggedGather OOB read - heap leak + DoS | tensorflow | 7.1 |
| HIGH | CVE-2021-37656 | TensorFlow: null ptr deref in RaggedTensorToSparse op | tensorflow | 7.8 |
| HIGH | CVE-2021-37657 | TensorFlow: null ptr deref in MatrixDiagV ops | tensorflow | 7.8 |
| HIGH | CVE-2021-37658 | TensorFlow: null ptr deref in MatrixSetDiagV ops | tensorflow | 7.8 |
| HIGH | CVE-2021-37659 | TensorFlow: heap OOB in cwise ops enables local RCE | tensorflow | 7.8 |
| HIGH | CVE-2021-37667 | TensorFlow: UnicodeEncode null deref, local code exec | tensorflow | 7.8 |
| HIGH | CVE-2021-37671 | TensorFlow: null-ptr deref in Map ops, local C/I/A:High | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37675 | TensorFlow: DoS via division by zero in conv ops | tensorflow | 5.5 |
| HIGH | CVE-2021-37676 | TensorFlow: null ptr deref in SparseFillEmptyRows op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37680 | TFLite: division by zero crashes fully connected layers | tensorflow | 5.5 |
| HIGH | CVE-2021-37681 | TensorFlow Lite: null ptr deref crashes SVDF inference | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37686 | TFLite: infinite loop DoS via crafted strided slice model | tensorflow | 5.5 |