1135 matches found
MAL-2025-45666 Malicious code in pytorch-doc-zh (npm)
The package pytorch-doc-zh was found to contain malicious code...
Malicious code in pytorch-doc-zh (npm)
The package pytorch-doc-zh was found to contain malicious code...
PyTorch nccl.py torch.cuda.nccl.reduce denial of service
...
Linux Distros Unpatched Vulnerability : CVE-2025-2998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.padpackedsequenc...
Linux Distros Unpatched Vulnerability : CVE-2025-3136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.cachingallocatordelete ...
Linux Distros Unpatched Vulnerability : CVE-2025-3730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file...
Linux Distros Unpatched Vulnerability : CVE-2025-4287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file...
Linux Distros Unpatched Vulnerability : CVE-2025-3001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory...
Linux Distros Unpatched Vulnerability : CVE-2025-3121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to...
Linux Distros Unpatched Vulnerability : CVE-2025-2148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Remote Command Execution in PyTorch [CVE-2025-32434]
Summary IBM Watson Speech Services Cartridge is vulnerable to a Remote Command Execution in PyTorch, due to a condition that exists when loading a model using torch.load with weightsonly=True CVE-2025-32434. PyTorch is used in our speech service runtimes. This vulnerabilitiy has been addressed...
Linux Distros Unpatched Vulnerability : CVE-2025-2953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The...
Linux Distros Unpatched Vulnerability : CVE-2025-2999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpacksequence. The...
Linux Distros Unpatched Vulnerability : CVE-2025-32434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In...
Linux Distros Unpatched Vulnerability : CVE-2025-3000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption...
Linux Distros Unpatched Vulnerability : CVE-2025-2149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized...
Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start
Summary Using asyncio.unixevents.UnixSubprocessTransport.start function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
GHSA-49GJ-C84Q-6QM9 Picklescan is missing detection when calling built-in python cProfile.run
Summary Using cProfile.run function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to cProfile.run function in reduce method Then when the victim after checkin...
Picklescan is missing detection when calling built-in python doctest.debug_script
Summary Using doctest.debugscript function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to doctest.debugscript function in reduce method Then when the victim...
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand
Summary Using idlelib.pyshell.ModifiedInterpreter.runcommand function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...