Lucene search
+L

12 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-443 PaddlePaddle vulnerable to code injection via winstr

In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...

9.8CVSS7.6AI score0.01281EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-4732

Malware in sbrugna...

5.5CVSS5.3AI score0.00961EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/12/07 9:30 a.m.29 views

PaddlePaddle vulnerable to Code Injection

Code injection in paddle.audio.functional.getwindow in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. A patch is available on the develop branch of the repository and anticipated to be part of a 2.4 release...

10CVSS9.6AI score0.01087EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/12/07 9:30 a.m.69 views

GHSA-GCJF-29M9-888Q PaddlePaddle vulnerable to Code Injection

Code injection in paddle.audio.functional.getwindow in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. A patch is available on the develop branch of the repository and anticipated to be part of a 2.4 release...

9.8CVSS9.8AI score0.01087EPSS
Exploits1References6
PyPA
PyPA
added 2022/12/07 9:15 a.m.8 views

PYSEC-2022-43063

Code injection in paddle.audio.functional.getwindow in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution...

10CVSS8AI score0.01087EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/12/07 12:0 a.m.7 views

PaddlePaddle 代码注入漏洞

PaddlePaddle is an independent R&D deep learning platform open-sourced by China's PaddlePaddle. PaddlePaddle versions prior to 2.4 have a security vulnerability that stems from. , code injection exists in paddle.audio.functional.getwindow, allowing arbitrary code execution...

10CVSS8.8AI score0.01087EPSS
Exploits1References2
NVD
NVD
added 2019/08/15 5:15 p.m.22 views

CVE-2019-13219

A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

5.5CVSS5.2AI score0.00961EPSS
Exploits0References4
OSV
OSV
added 2019/08/15 5:15 p.m.21 views

CVE-2019-13219

A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

5.5CVSS6.8AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/08/15 5:15 p.m.35 views

CVE-2019-13219

A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

5.5CVSS6.1AI score0.00961EPSS
Exploits0References4
Prion
Prion
added 2019/08/15 5:15 p.m.21 views

Null pointer dereference

A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

4.3CVSS5.4AI score0.00961EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2019/08/15 12:0 a.m.27 views

CVE-2019-13219

A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

5.5CVSS5.2AI score0.00961EPSS
Exploits0
CVE
CVE
added 2019/08/15 12:0 a.m.84 views

CVE-2019-13219

CVE-2019-13219 concerns the stb project (stb_vorbis). The connected OpenSUSE/OSV/Debian entries indicate this CVE is addressed in updates for the stb package (e.g., openSUSE-SU-2025:0039-1) and related Debian/DLA entries. The concrete issue is described as an uninitialized memory problem in vorbi...

5.5CVSS5.3AI score0.00961EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder