737 matches found
SUSE CVE-2026-7020
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...
CVE-2026-41666
Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...
CVE-2026-41667
Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0...
CVE-2026-40448
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0...
Ollama is Vulnerable to Path Traversal
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...
CVE-2026-7020 Ollama Tensor Model Transfer transfer.go digestToPath path traversal
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...
CVE-2026-7020
CVE-2026-7020 affects Ollama up to version 0.20.2. The vulnerability lies in the digestToPath function (x/imagegen/transfer/transfer.go) where manipulating the digest enables path traversal. The attack can be performed remotely and is described as high complexity with a documented PoC/exploit. Co...
EUVD-2026-25695
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...
PT-2026-35201
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...
Ollama 路径遍历漏洞
Ollama is an open-source tool developed by Ollama that can be run locally, used for managing and customizing large language models. Ollama versions 0.20.2 and earlier had a path traversal vulnerability. This vulnerability stemmed from the operation of the digestToPath function in the Tensor Model...
Exploit for CVE-2026-7020
CVE-2026-7020 Ollama arbitrary file read via tensor digest pa...
📄 Keras 3.13.0 Malicious ML Model Server HDF5 Shape Bomb
This script is a Flask-based web server that distributes .keras machine learning model files, but it is designed in a malicious way for security research/testing scenarios. The main idea is a denial of service via memory exhaustion, where generated Keras models contain artificially declared...
Keras 3.13.0 HDF5 Shape Fuzzing for Robustness Testing
This script performs fuzz testing against Keras version 3.13.0 on randomly generated tensor shapes using NumPy and HDF5 to evaluate stability and error handling in file creation workflows...
Keras 3.13.0 Bulk Generator for Large-Scale HDF5 Shape Test Models
This script is a parallel batch generator designed to create multiple .keras model files using a thread pool. Each file is generated with a predefined set of large tensor shapes intended for stress testing or memory-impact evaluation in HDF5/Keras workflows...
EUVD-2026-24624
Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...
EUVD-2026-24620
Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...
EUVD-2026-24626
Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0...
EUVD-2026-24618
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0...
EUVD-2026-24616
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0...
EUVD-2026-24628
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0...