40 matches found
EUVD-2024-0791
Malicious code in bioql PyPI...
EUVD-2022-0191
Malicious code in bioql PyPI...
EUVD-2024-0138
Malicious code in bioql PyPI...
EUVD-2024-0139
Malicious code in bioql PyPI...
EUVD-2024-0136
Malicious code in bioql PyPI...
EUVD-2024-0131
Malicious code in bioql PyPI...
EUVD-2022-7474
Malicious code in bioql PyPI...
CVE-2023-38677
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2024-1603 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves: CVE-2024-16...
paddlepaddle code injection vulnerability
PaddlePaddle PaddlePaddle is an independent R&D deep learning platform open-sourced by China's PaddlePaddle PaddlePaddle. A code injection vulnerability exists in paddlepaddle version 2.6.0, which stems from the application failing to properly filter special elements of constructed code segments...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52309 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52313 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
PYSEC-2024-134
Nullptr in paddle.nextafterin PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52305 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
PYSEC-2024-135
Nullptr in paddle.putalongaxis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
PYSEC-2024-139
Stack overflow in paddle.linalg.luunpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage...
PYSEC-2024-141
Heap buffer overflow in paddle.repeatinterleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible...
PYSEC-2024-133
OOB access in paddle.modein PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
PYSEC-2024-143
PaddlePaddle before 2.6.0 has a command injection in wgetdownload. This resulted in the ability to execute arbitrary commands on the operating system...
PYSEC-2024-139
Stack overflow in paddle.linalg.luunpackin PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage...