Linux Distros Unpatched Vulnerability : CVE-2025-3730

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file...

PyTorch Denial of Service Vulnerability (CNVD-2025-23353)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in torch.nn.functional.ctcloss. An attacker can exploit this vulnerability to cause a denial of service...

Improper Check for Unusual or Exceptional Conditions

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the ctcloss function in LossCTC.cpp, when running on a CUDA system. An attacker can cause the...

AZL-60500 CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

DEBIAN-CVE-2025-3730

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

AZL-60577 CVE-2025-3730 affecting package pytorch for versions less than 2.0.0-8

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

UBUNTU-CVE-2025-3730

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

CVE-2025-3730 PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

PT-2025-16902 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic issue was found in the torch.nn.functional.ctc loss function, located in the file aten/src/ATen/native/LossCTC.cpp. This issue leads to denial of service and can be exploited locally...

CVE-2023-28995

CVE-2023-28995 is a CSRF in the WordPress plugin Configurable Tag Cloud (CTC) , affecting versions ≤ 5.2. The root cause is described as CSRF via the ctc_options_page() entry point, enabling unauthenticated actions on vulnerable sites. Patch/mitigation: update to version 5.3 or later (as indicate...

SUSE CVE-2021-29543

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.CTCGreedyDecoder. This is because the...

SUSE CVE-2021-29581

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults. The...

GSD-2023-1001334 s390/ctcm: Fix return type of ctc{mp,}m_tx()

s390/ctcm: Fix return type of ctcmp,mtx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001009 s390/ctcm: Fix return type of ctc{mp,}m_tx()

s390/ctcm: Fix return type of ctcmp,mtx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

ctc-convergence.com Cross Site Scripting vulnerability OBB-2487681

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ctc-trading.com Cross Site Scripting vulnerability OBB-2475378

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-45896

Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via isctcadmin=1 to loginwebapp.cgi and use of Import Config File...

GHSA-VVG4-VGRV-XFR7 Incomplete validation in `tf.raw_ops.CTCLoss`

Impact Incomplete validation in tf.rawops.CTCLoss allows an attacker to trigger an OOB read from heap: python import tensorflow as tf inputs = tf.constant, shape=10, 16, 0, dtype=tf.float32 labelsindices = tf.constant, shape=8, 0, dtype=tf.int64 labelsvalues = tf.constant-100 8, shape=8,...

GHSA-VQ2R-5XVM-3HC3 Segfault in `CTCBeamSearchDecoder`

Impact Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults: python import tensorflow as tf inputs = tf.constant, shape=18, 8, 0, dtype=tf.float32 sequencelength = tf.constant11, -43, -92, 11, -89, -83, -35, -100, shape=8,...

GHSA-FPHQ-GW9M-GHRV CHECK-fail in `CTCGreedyDecoder`

Impact An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.CTCGreedyDecoder: python import tensorflow as tf inputs = tf.constant, shape=18, 2, 0, dtype=tf.float32 sequencelength = tf.constant-100, 17, shape=2, dtype=tf.int32 mergerepeated = False...