495 matches found
PYSEC-2026-444 Code Injection in paddlepaddle
The vulnerability arises from the way the url parameter is incorporated into the command string without proper validation or sanitization. If the url is constructed from untrusted sources, an attacker could potentially inject malicious commands...
PYSEC-2026-442 PaddlePaddle Path Traversal vulnerability
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6...
PYSEC-2026-445 PaddlePaddle vulnerable to remote code execution
remote code execution in paddlepaddle/paddle 2.6.0...
PYSEC-2026-441 PaddlePaddle Out-of-bounds Read vulnerability
Out-of-bounds read in gathertree in PaddlePaddle before 2.4. A patch is available in the release/2.4 branch...
PYSEC-2026-443 PaddlePaddle vulnerable to code injection via winstr
In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...
CVE-2026-10800
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800
The CVE-2026-10800 entry concerns PaddlePaddle FastDeploy up to 2.4.1, specifically the MultimodalHasher component’s hasher.py hash_features function. The weakness can allow manipulation that leads to the use of a weak hash, with exploitation requiring local access and carries a high attack compl...
PT-2026-46167
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...
GPU-Fuzz: Finding Memory Errors in Deep Learning Frameworks
GPU memory errors are a critical threat to deep learning DL frameworks, leading to crashes or even security issues. We introduce GPU-Fuzz, a fuzzer locating these issues efficiently by modeling operator parameters as formal constraints. GPU-Fuzz utilizes a constraint solver to generate test cases...
EUVD-2024-0131
Malicious code in bioql PyPI...
EUVD-2022-0191
Malicious code in bioql PyPI...
EUVD-2024-0132
Malicious code in bioql PyPI...
EUVD-2024-0148
Malicious code in bioql PyPI...
EUVD-2024-0919
Malicious code in bioql PyPI...
EUVD-2024-0141
Malicious code in bioql PyPI...