1101 matches found
CVE-2025-3730 affecting package pytorch for versions less than 2.0.0-8
CVE-2025-3730 affecting package pytorch for versions less than 2.0.0-8. A patched version of the package is available...
CVE-2025-32434 affecting package pytorch for versions less than 2.0.0-8
CVE-2025-32434 affecting package pytorch for versions less than 2.0.0-8. A patched version of the package is available...
PT-2025-19794 · Pytorch +1 · Pytorch +1
Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0+cu124 Description: A vulnerability was found in PyTorch, affecting the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. This issue leads to denial of service and can be exploited on the local host. The...
PyTorch 安全漏洞
PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that originates from improper handling of the function torch.cuda.nccl.reduce in the file torch/cuda/nccl.py, which can be exploited by an attacker to cause a denial of service...
PyTorch Remote Command Execution Vulnerability
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a remote command execution vulnerability that can be exploited by an attacker to execute arbitrary commands on a system...
Remote Code Execution (RCE)
PyTorch is vulnerable to Remote Command Execution RCE. The vulnerability is due to unsafe deserialization due to the use of torch.loadweightsonly=True on untrusted model files, allowing an attacker to execute arbitrary code by supplying a maliciously crafted model...
PyTorch Denial of Service Vulnerability (CNVD-2025-23353)
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in torch.nn.functional.ctcloss. An attacker can exploit this vulnerability to cause a denial of service...
CVE-2025-32434 affecting package pytorch for versions less than 2.2.2-6
CVE-2025-32434 affecting package pytorch for versions less than 2.2.2-6. A patched version of the package is available...
CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6
CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6. A patched version of the package is available...
PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service
...
PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
...
Denial Of Service (DoS)
PyTorch is vulnerable to Denial of Service DoS. The vulnerability is due to improper input handling in the torch.nn.functional.ctcloss function, which can be exploited locally to trigger a crash...
GHSA-GGPF-24JW-3FCW CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
Description https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54 reported a vulnerability where loading a malicious model could result in code execution on the vllm host. The fix applied to specify weightsonly=True to calls to torch.load did not solve the problem prior to...
CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
Description https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54 reported a vulnerability where loading a malicious model could result in code execution on the vllm host. The fix applied to specify weightsonly=True to calls to torch.load did not solve the problem prior to...
BIT-PYTORCH-2025-32434 PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
PYSEC-2025-41
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
AZL-60877 CVE-2025-32434 affecting package pytorch for versions less than 2.2.2-6
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
PYSEC-2025-41
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
DEBIAN-CVE-2025-32434
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
AZL-60880 CVE-2025-32434 affecting package pytorch for versions less than 2.0.0-8
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...