1133 matches found
PT-2025-46720
Name of the Vulnerable Software and Affected Versions PyTorch versions 2.5 and 2.7.1 Description An issue exists where omitting profiler.stop can cause torch.profiler.profile PythonTracer to crash or hang during finalization, potentially leading to a Denial of Service DoS. Recommendations Ensure...
CVE-2025-63396
CVE-2025-63396 affects PyTorch v2.5 and v2.7.1, where omitting profiler.stop() allows torch.profiler.profile (PythonTracer) to crash or hang during finalization, yielding a Denial of Service (DoS). The connected sources consistently describe the same impact and affected component. There is no doc...
CVE-2025-63396
An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop can cause torch.profiler.profile PythonTracer to crash or hang during finalization, leading to a Denial of Service DoS...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-2148 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this...
NVIDIA Megatron-LM 代码注入漏洞
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that is specifically designed for training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from scripts improperly handling malicious data, which could lea...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to unexpected behavior in pytorch [CVE-2025-55552]
Summary IBM Watson Speech Services Cartridge is vulnerable to unexpected behavior in pytorch , that creates an inconsistent swap wih eager when compilingCVE-2025-55552. Pytorch is used in our speech service runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [ CVE-2025-4287]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch that can be manipulated to cause a Denial of Service attack CVE-2025-4287. PyTorch is used in our speech service runtimes. This vulnerabilitiy has been addressed. Please read the...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by torch
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by torch Vulnerability Details CVEID:CVE-2025-2953 DESCRIPTION: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch Vulnerability Details CVEID:CVE-2025-3730 DESCRIPTION: A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of...
NewStart CGSL MAIN 7.02 : pytorch Vulnerability (NS-SA-2025-0250)
The remote NewStart CGSL host, running version MAIN 7.02, has pytorch packages installed that are affected by a vulnerability: - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-2148 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-4287 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-3000 DESCRIPTION: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function...
Improper Input Validation
picklescan is vulnerable to Improper Input Validation. The vulnerability is due to inadequate validation in the scanning logic that fails to properly inspect pickle files with PyTorch-related extensions, which allows an attacker to bypass security checks and execute malicious code when the file i...
Insecure Deserialization
monai is vulnerable to Insecure Deserialization. The vulnerability is due to loading of untrusted checkpoint files like torch.load used without safe guards. This allows an attacker to supply a crafted checkpoint that executes arbitrary code during deserialization...
BIT-PYTORCH-2025-55560
An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...
EUVD-2025-33343
scio is vunerable to Remote Command Execution through PyTorch...
EUVD-2021-0247
Malware in sbrugna...
EUVD-2021-0212
Malware in sbrugna...
BIT-PYTORCH-2025-55558
A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv and is compiled by Inductor, leading to a Denial of Service DoS...