AI Component: Training Data
Training data vulnerabilities involve poisoned datasets, data theft, privacy violations in training corpora, and unauthorized use of copyrighted or sensitive data in model training.
Total CVEs: 162. Page 4 of 9.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-41228 | TensorFlow: eval() in saved_model_cli allows RCE | tensorflow | 7.8 |
| HIGH | CVE-2022-21730 | TensorFlow: OOB read leaks heap memory, enables DoS | tensorflow | 8.1 |
| MEDIUM | CVE-2022-23563 | TensorFlow: TOC/TOU race allows temp file hijacking | tensorflow | 6.3 |
| HIGH | CVE-2022-23573 | TensorFlow: uninitialized memory in AssignOp | tensorflow | 8.8 |
| MEDIUM | CVE-2022-29193 | TensorFlow: DoS via TensorSummaryV2 input validation failure | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29207 | TensorFlow: null-ptr deref in eager mode causes DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29211 | TensorFlow: NaN input crashes histogram op (CPU DoS) | tensorflow | 5.5 |
| HIGH | CVE-2022-35964 | TensorFlow: remote DoS via BlockLSTMGradV2 validation | tensorflow | 7.5 |
| CRITICAL | CVE-2022-41880 | TensorFlow: heap OOB read in candidate sampler op | tensorflow | 9.1 |
| HIGH | CVE-2022-41897 | TensorFlow: OOB read in FractionMaxPoolGrad causes DoS | tensorflow | 7.5 |
| CRITICAL | CVE-2022-41910 | TensorFlow Grappler: OOB read crashes or leaks memory | tensorflow | 9.1 |
| HIGH | CVE-2023-25658 | TensorFlow: OOB read in GRUBlockCellGrad causes DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25674 | TensorFlow: null pointer DoS in RandomShuffle (XLA) | tensorflow | 7.5 |
| HIGH | CVE-2023-27506 | Intel TF Opt: buffer overflow enables local priv-esc | optimization_for_tensorflow | 7.8 |
| MEDIUM | CVE-2023-30767 | Intel TF Opt: buffer overflow enables local privesc | optimization_for_tensorflow | 6.7 |
| HIGH | CVE-2021-4118 | pytorch-lightning: deserialization RCE via malicious checkpoint | pytorch_lightning | 7.8 |
| CRITICAL | CVE-2022-0845 | pytorch-lightning: code injection enables full RCE | pytorch_lightning | 9.8 |
| CRITICAL | CVE-2024-48063 | PyTorch: RCE via RemoteModule deserialization | pytorch | 9.8 |
| MEDIUM | CVE-2025-2998 | PyTorch: memory corruption in RNN pad_packed_sequence | pytorch | 5.3 |
| MEDIUM | CVE-2025-2999 | PyTorch: memory corruption in RNN sequence unpacking | pytorch | 5.3 |