Lucene search
K

168 matches found

CVE
CVE
added 2025/03/31 2:0 p.m.87 views

CVE-2025-2998

CVE-2025-2998 affects PyTorch 2.6.0, specifically the function torch.nn.utils.rnn.pad_packed_sequence, causing memory corruption. The issue requires local access; the exploit has been disclosed publicly. The provided documents do not specify a patched version or remediation steps. Monitor for upd...

5.3CVSS6.9AI score0.00185EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/03/31 2:0 p.m.15 views

CVE-2025-2998 PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruption

A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.padpackedsequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the...

5.3CVSS0.00185EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.5 views

PT-2025-13784

Name of the Vulnerable Software and Affected Versions PyTorch version 2.6.0 Description An issue exists in the torch.jit.script function that can lead to memory corruption. This flaw allows an attack to be launched on the local host. Recommendations At the moment, there is no information about a...

5.3CVSS5.5AI score0.00183EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.3 views

PT-2025-13780 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A critical vulnerability was found in PyTorch, affecting the function torch.nn.utils.rnn.unpack sequence. The manipulation of this function leads to memory corruption. Local attacks are required to exploit...

5.3CVSS5.1AI score0.00185EPSS
Exploits0References18
vulnersOsv
vulnersOsv
added 2025/03/30 6:30 p.m.5 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25613 more potentially affected by CVE-2025-2953 via torch (>=1.0.0 <=2.7.0)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.16 - a1facts =0.2.6 and more Source cves: CVE-2025-2953 Source advisory: OSV:GHSA-3749-GHW9-M3MG...

5.5CVSS5.8AI score0.00237EPSS
Exploits1
OSV
OSV
added 2025/03/30 6:30 p.m.11 views

GHSA-3749-GHW9-M3MG PyTorch susceptible to local Denial of Service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

4.8CVSS5.3AI score0.00237EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2025/03/30 6:30 p.m.13 views

PyTorch susceptible to local Denial of Service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

5.5CVSS6.5AI score0.00237EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2025/03/30 4:15 p.m.2 views

DEBIAN-CVE-2025-2953

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

5.5CVSS3.7AI score0.00237EPSS
Exploits1References1
CVE
CVE
added 2025/03/30 3:31 p.m.242 views

CVE-2025-2953

CVE-2025-2953 affects PyTorch 2.6.0+cu124, specifically the mkldnn_max_pool2d function. The issue can lead to denial of service via local access, with an exploit publicly disclosed and the vulnerability’s real existence doubted in the description. The connected IBM bulletin references PyTorch in ...

5.5CVSS4.5AI score0.00237EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2025/03/30 3:31 p.m.21 views

CVE-2025-2953 PyTorch torch.mkldnn_max_pool2d denial of service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

4.8CVSS0.00237EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/03/30 3:31 p.m.14 views

CVE-2025-2953 PyTorch torch.mkldnn_max_pool2d denial of service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

4.8CVSS4.5AI score0.00237EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2025/03/30 3:31 p.m.8 views

CVE-2025-2953

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

5.5CVSS3.6AI score0.00237EPSS
Exploits1
CNNVD
CNNVD
added 2025/03/30 12:0 a.m.4 views

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in the function torch.mkldnnmaxpool2d. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS6.7AI score0.00237EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/29 12:0 a.m.15 views

CBL Mariner 2.0 Security Update: pytorch (CVE-2024-31580)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31580 advisory. - PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component...

4CVSS5.5AI score0.00223EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 7:20 a.m.16 views

Security Bulletin: IBM Maximo Application Suite Ai-Broker Component vulnerable to PyTorch to execute arbitrary code on the system.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Broker Component may be vulnerable to PyTorch arbitrary code execution of Python code through the use of torch. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-48063...

9.8CVSS8AI score0.01584EPSS
Exploits1Affected Software1
OSV
OSV
added 2025/03/20 10:15 a.m.10 views

AZL-59201 CVE-2024-7776 affecting package pytorch for versions less than 2.2.2-5

A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...

9.1CVSS5.9AI score0.01357EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/15 2:25 a.m.11 views

CVE-2025-2149

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

2.5CVSS6.6AI score0.00233EPSS
Exploits1References1
NVD
NVD
added 2025/03/10 1:15 p.m.10 views

CVE-2025-2149

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

2.5CVSS0.00233EPSS
Exploits1References5
OSV
OSV
added 2025/03/10 1:15 p.m.6 views

PYSEC-2025-190

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

2CVSS4.1AI score0.00233EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/03/10 12:31 p.m.8 views

CVE-2025-2149 PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

2.5CVSS7AI score0.00233EPSS
Exploits1References5
Rows per page
Query Builder