317 matches found
CVE-2025-65891
CVE-2025-65891 is a vulnerability in OneFlow v0.9.0 where flow.cuda.get_device_properties() accepts an invalid or negative device index, leading to a Denial of Service (DoS). Multiple sources (NVD, Red Hat, OSV, CIRCL, ENISA, Snyk entries) describe a GPU device-ID validation flaw in OneFlow, with...
CVE-2025-71005
A floating point exception FPE in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
OneFlow is an open-source deep learning framework developed by OneFlow. Version 0.9.0 of OneFlow contains a security vulnerability; this vulnerability stems from a floating-point exception in the flow.columnstack component, which could lead to a denial-of-service attack...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65889
A type validation flaw in the flow.dstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
PT-2026-5148
A GPU device-ID validation flaw in the flow.cuda.get device capability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...
EUVD-2025-206474
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
CVE-2025-65890
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
CVE-2025-71002
CVE-2025-71002 describes a floating-point exception (FPE) in the OneFlow v0.9.0 flow.column_stack component that can be triggered by crafted input, resulting in a Denial of Service (DoS). Affected software/component: OneFlow 0.9.0, specifically the flow.column_stack/flow.column stack path. Root c...
CVE-2025-71003
An input validation vulnerability in the flow.arange component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71003
CVE-2025-71003 is an input validation vulnerability in OneFlow v0.9.0, affecting the flow.arange() component and enabling a DoS via crafted input. Documents consistently indicate the affected software and component; no exploit payloads are provided in the sources. Remediation guidance appears inc...
CVE-2025-71001
A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71007
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability; this vulnerability stems from a segmentation violation in the flow.columnstack component, which could lead to a denial-of-service attack...
CVE-2025-71006
The CVE-2025-71006 entry concerns OneFlow v0.9.0, where a flaw in the oneflow.reshape component can trigger a floating point exception (FPE) and cause a Denial of Service (DoS) via a crafted input. Multiple connected sources (Red Hat, NVD, OSV, CVE listings, and vulnerability trackers) confirm th...
CVE-2025-71005
The CVE-2025-71005 affects OneFlow v0.9.0, specifically the oneflow.view component. A floating point exception (FPE) triggered by a crafted input can cause a Denial of Service (DoS). The available connected documents consistently describe the affected software and the input-driven FPE as the root...
CVE-2025-65890
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
PT-2026-5146
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
CVE-2025-71007
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...