CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

317 matches found

Snyk•added 2025/11/10 9:41 p.m.•4 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the flow.eyen function. An attacker can trigger a segmentation fault by adding a Python sequence to the native code. PoC python import oneflow as flow diag = 1.0, 2.0, 3.0 tensor = flow.eye3 + diag...

6.9CVSS6.7AI score0.00153EPSS

Exploits1References2

vulnersOsv•added 2025/11/10 9:41 p.m.•1 views

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-63397 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-63397 Source advisory: SNYK:PYTHON-ONEFLOW-13876667...

6.5CVSS5.8AI score0.00153EPSS

Exploits1

Cvelist•added 2025/11/10 12:0 a.m.•6 views

CVE-2025-63397

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion...

0.00153EPSS

Exploits1References4

CNNVD•added 2025/11/10 12:0 a.m.•1 views

OneFlow 安全漏洞

Oneflow is a deep learning framework open-sourced by Oneflow. A security vulnerability exists in OneFlow version v0.9.0 that stems from improper input validation and could lead to a segmentation violation when adding Python sequences during broadcast or type conversion...

6.5CVSS6.5AI score0.00153EPSS

Exploits1References4

Positive Technologies•added 2025/11/10 12:0 a.m.•3 views

PT-2025-46198

Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description A flaw exists in input validation within OneFlow version 0.9.0. This issue allows attackers to trigger a segmentation fault by adding a Python sequence to native code during broadcasting or type conversion. Th...

6.5CVSS6.5AI score0.00153EPSS

Exploits1References7

CVE•added 2025/11/10 12:0 a.m.•6 views

CVE-2025-63397

OneFlow v0.9.0 is affected by an improper input validation vulnerability that can cause a segmentation fault when a Python sequence is added to native code during broadcasting/type conversion. Root cause is insufficient checks on user-supplied input. Reported across multiple sources (nvd, Red Hat...

6.5CVSS6.6AI score0.00153EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/11/10 12:0 a.m.•2 views

CVE-2025-63397

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion...

6.5AI score0.00153EPSS

Exploits1References4