Lucene search
+L

14 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-15531

A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file runnerf.py of the component Checkpoint File Handler. The manipulation of the argument ckptpath leads to deserialization. The...

5.3CVSS0.00121EPSS
Exploits0References7
CVE
CVE
added 5 days ago10 views

CVE-2026-15531

The CVE-2026-15531 entry affects yashbhalgat HashNeRF-pytorch (up to commit 82885e698295982504eb6a26d060a6b2473e3706). The vulnerable component is the Checkpoint File Handler’s run_nerf.py, specifically the function torch.load, where deserialization can be triggered by manipulating the ckpt_path ...

5.3CVSS5.6AI score0.00121EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43277

A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file runnerf.py of the component Checkpoint File Handler. The manipulation of the argument ckptpath leads to deserialization. The...

5.3CVSS5.6AI score0.00121EPSS
Exploits0References7
Veracode
Veracode
added 2025/07/01 4:31 a.m.5 views

Remote Code Execution (RCE)

llamafactory is vulnerable to Remote Code Execution RCE. The vulnerability is due to the unsafe loading of the vheadfile argument without the weightsonly=True safeguard, allowing attackers to exploit the Checkpoint path parameter via the WebUI to execute arbitrary code...

9.8CVSS8.4AI score0.01054EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/06/27 3:27 p.m.8 views

GHSA-XJ56-P8MM-QMXJ LLaMA-Factory allows Code Injection through improper vhead_file safeguards

Summary A critical remote code execution vulnerability was discovered during the Llama Factory training process. This vulnerability arises because the vheadfile is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passi...

8.3CVSS6.7AI score0.01054EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.7 views

Retrieval-based-Voice-Conversion-WebUI 代码注入漏洞

Retrieval-based-Voice-Conversion-WebUI is an open source voice training modeling tool from RVC-Project. A code injection vulnerability exists in Retrieval-based-Voice-Conversion-WebUI version 2.2.231006 and earlier, which stems from improper handling of the ckptpath2 variable and could lead to...

9.8CVSS8.2AI score0.00799EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.6 views

Retrieval-based-Voice-Conversion-WebUI 代码问题漏洞

Retrieval-based-Voice-Conversion-WebUI is an open source voice training modeling tool from RVC-Project. A code issue vulnerability exists in Retrieval-based-Voice-Conversion-WebUI version 2.2.231006 and earlier, which stems from improper handling of the ckptpath0 variable, and could lead to unsaf...

9.8CVSS7.9AI score0.00772EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.8 views

PT-2025-14773 · Unknown · Thu-Pacman Chitu

Name of the Vulnerable Software and Affected Versions: thu-pacman chitu version 0.1.0 Description: A critical vulnerability has been found in thu-pacman chitu. This issue affects the torch.load function in the file chitu/chitu/backend.py. The manipulation of the ckpt path/quant ckpt dir argument...

5.3CVSS5.6AI score0.00193EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-29561

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...

5.5CVSS5.4AI score0.00189EPSS
Exploits1References3
OSV
OSV
added 2021/05/21 2:24 p.m.12 views

GHSA-GVM4-H8J3-RJRQ CHECK-fail in `LoadAndRemapMatrix`

Impact An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix: python import tensorflow as tf ckptpath = tf.constant, shape=0, dtype=tf.string oldtensorname = tf.constant"" rowremapping = tf.constant, shape=0, dtype=tf.int64 colremapping =...

2.5CVSS6AI score0.00189EPSS
Exploits1References7
PyPA
PyPA
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-198

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-687

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...

5.5CVSS5.9AI score0.00189EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2021/05/14 7:17 p.m.5 views

CVE-2021-29561

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...

5.5CVSS6.8AI score0.00189EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.6 views

PT-2021-18312 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.raw...

5.5CVSS5.2AI score0.00189EPSS
Exploits1References13
Rows per page
Query Builder