PT-2025-14724

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup in the file...

PT-2025-14583 · Mindspore · Mindspore

Name of the Vulnerable Software and Affected Versions: MindSpore version 2.5.0 Description: A vulnerability was found in MindSpore, affecting the function mindspore.numpy.fft.hfftn. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has...

PT-2025-14762

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A vulnerability has been found in the Open Asset Import Library Assimp, affecting the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the...

PT-2025-14773 · Unknown · Thu-Pacman Chitu

Name of the Vulnerable Software and Affected Versions: thu-pacman chitu version 0.1.0 Description: A critical vulnerability has been found in thu-pacman chitu. This issue affects the torch.load function in the file chitu/chitu/backend.py. The manipulation of the ckpt path/quant ckpt dir argument...

PT-2025-14603 · Unknown · Code-Projects Product Management System

Name of the Vulnerable Software and Affected Versions: codeprojects Product Management System version 1.0 Description: A vulnerability was found in the codeprojects Product Management System, classified as problematic. This issue affects some unknown processing of the component Login. The...

PT-2025-14573 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic vulnerability has been found in PyTorch, affecting the function torch.cuda.memory.caching allocator delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory...

CVE-2025-3010

A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The...

CVE-2025-3001

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

GHSA-6XFJ-HHWH-R3C2 Ouch Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability

A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convertzipdatetime of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploi...

CVE-2024-13941

A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convertzipdatetime of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploi...

CVE-2024-13941 ouch-org ouch zip.rs convert_zip_date_time memory corruption

A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convertzipdatetime of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploi...

SUSE CVE-2025-2912

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...

SUSE CVE-2025-2923

A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5Faddrencodelen of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has...

SUSE CVE-2025-2924

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. The manipulation of the argument freeblock leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The...

SUSE CVE-2025-2953

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

ASB-A-380855429

In binderaddfreezework of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

DEBIAN-CVE-2025-3010

A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The...

CVE-2025-3010 Khronos Group glslang Intermediate.cpp isConversionAllowed null pointer dereference

A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The...

CVE-2025-3010

CVE-2025-3010 affects Khronos Group glslang 15.1.0. The vulnerability is a null pointer dereference in glslang::TIntermediate::isConversionAllowed, located in glslang/MachineIndependent/Intermediate.cpp. The issue enables a local attack and an exploit has been disclosed publicly. The description ...

PyTorch is vulnerable to memory corruption through its torch.lstm_cell function

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. A patch is available...