Lucene search
K

327 matches found

CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

Autodesk Shared Components 缓冲区错误漏洞

Autodesk Shared Components is a component provided by Autodesk, Inc. in the United States. Autodesk Shared Components has a buffer error vulnerability. This vulnerability arises from the possibility of out-of-bounds write attacks during the parsing of specially crafted MODEL files, which can lead...

7.8CVSS7.6AI score0.00215EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/02/11 10:10 p.m.6 views

CVE-2026-1669

Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...

7.5CVSS5.2AI score0.00298EPSS
Exploits0
CNVD
CNVD
added 2026/02/05 12:0 a.m.4 views

Google SentencePiece Buffer Overflow Vulnerability

Google SentencePiece is an unsupervised text splitter for neural network-based text generation from Google USA. Google SentencePiece suffers from a buffer overflow vulnerability that stems from an invalid memory access when using a vulnerable model file created by an unusual training process. No...

8.5CVSS6AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2026/01/22 6:30 p.m.2 views

GHSA-38VQ-G6VR-W8WF Sentencepiece has a a heap overflow issue

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS5.9AI score0.00163EPSS
Exploits0References4
Snyk
Snyk
added 2026/01/22 5:50 p.m.5 views

Heap-based Buffer Overflow

Overview sentencepiece is an Unsupervised text tokenizer and detokenizer. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the processing of a malicious model file. An attacker can cause the application to access invalid memory regions by supplying a model file...

8.5CVSS5.9AI score0.00163EPSS
Exploits0References2
NVD
NVD
added 2026/01/22 5:16 p.m.7 views

CVE-2026-1260

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS0.00163EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/22 5:6 p.m.23 views

CVE-2026-1260 Invalid Memory Access in Sentencepiece,

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS0.00163EPSS
Exploits0References1
OSV
OSV
added 2026/01/22 5:6 p.m.8 views

CVE-2026-1260 Invalid Memory Access in Sentencepiece,

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS7.1AI score0.00163EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/01/22 5:6 p.m.3 views

CVE-2026-1260

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS5.2AI score0.00163EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

Google SentencePiece 安全漏洞

Google SentencePiece is an unsupervised text splitter for neural network-based text generation from Google USA. Google SentencePiece suffers from a buffer overflow vulnerability that stems from an invalid memory access when using a vulnerable model file created by an unusual training process. No...

8.5CVSS7.4AI score0.00163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-4204

Name of the Vulnerable Software and Affected Versions Sentencepiece versions prior to 0.2.1 Description An invalid memory access issue exists in Sentencepiece when processing a specially crafted model file that was not generated through standard training procedures. This can lead to a crash or...

8.5CVSS5.6AI score0.00163EPSS
Exploits0References18
CNNVD
CNNVD
added 2025/12/26 12:0 a.m.5 views

lmdeploy 代码问题漏洞

lmdeploy is an InternLM open source toolkit for compressing, deploying and servicing LLM. A code issue vulnerability exists in versions of lmdeploy prior to 0.11.1 that stems from loading model checkpoint files without using the weightsonly parameter, which could lead to an attacker executing...

8.8CVSS9AI score0.00487EPSS
Exploits0References3
NVD
NVD
added 2025/12/23 9:15 p.m.4 views

CVE-2025-14921

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.5 views

CVE-2025-14921 Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.5 views

CVE-2025-14921 Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS7.3AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.6 views

Hugging Face Transformers 代码问题漏洞

Hugging Face Transformers is a Hugging Face open source framework for defining state-of-the-art machine learning models covering textual, visual, audio, and multimodal models for inference and training. A code issue vulnerability exists in Hugging Face Transformers that stems from a lack of...

7.8CVSS8AI score0.00262EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/17 12:0 a.m.4 views

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.1AI score0.0021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/17 12:0 a.m.7 views

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.1AI score0.0021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/17 12:0 a.m.5 views

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.1AI score0.0021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/17 12:0 a.m.5 views

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.1AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder