1101 matches found
CVE-2024-37059
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...
CVE-2024-37059
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...
CVE-2024-37059
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...
CVE-2024-37059
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...
Exploit for Server-Side Request Forgery in Pytorch Torchserve
CVE-2023-43654 ShellTorch is a chain of 3 Critical...
CVE-2024-27318 affecting package pytorch for versions less than 2.0.0-6
CVE-2024-27318 affecting package pytorch for versions less than 2.0.0-6. A patched version of the package is available...
CVE-2024-31584 affecting package pytorch for versions less than 2.0.0-5
CVE-2024-31584 affecting package pytorch for versions less than 2.0.0-5. A patched version of the package is available...
CVE-2024-31583 affecting package pytorch for versions less than 2.0.0-4
CVE-2024-31583 affecting package pytorch for versions less than 2.0.0-4. A patched version of the package is available...
CVE-2024-31580 affecting package pytorch for versions less than 2.0.0-4
CVE-2024-31580 affecting package pytorch for versions less than 2.0.0-4. A patched version of the package is available...
CVE-2024-27319 affecting package pytorch for versions less than 2.0.0-4
CVE-2024-27319 affecting package pytorch for versions less than 2.0.0-4. A patched version of the package is available...
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
...
SUSE CVE-2024-31584
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
...
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.
...
Out-Of-Bounds Read
Pytorch is vulnerable to an Out-of-bounds Read. The vulnerability is caused due to a missing validation for mobileivaluesize variable for a value greater than ivalues-size in function FlatbufferLoader::parseModule within torch/csrc/jit/mobile/flatbufferloader.cpp. This introduces potential for...
CVE-2024-31584
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...
AZL-40043 CVE-2024-31584 affecting package pytorch for versions less than 2.0.0-5
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...
CVE-2024-31584
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...
PYSEC-2024-250
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...
PYSEC-2024-250
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...