76 matches found
K000151398: PyTorch vulnerability CVE-2025-32434
Security Advisory Description PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model...
CBL Mariner 2.0 Security Update: pytorch (CVE-2025-32434)
The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32434 advisory. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural...
Arbitrary Code Execution (ACE)
PickleScan is vulnerable to Arbitrary Code Execution ACE. The vulnerability is due to PickleScan failing to detect malicious pickle files when specific ZIP file flag bits are modified, allowing attackers to embed harmful pickle files that remain unnoticed while still being loaded by PyTorch’s...
CVE-2025-21784
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...
Citrix Profile Management fails to load When User Personalization Layer is enabled
When User Personalization Layer UPL is enabled, Citrix Profile Management CPM profile is is not loaded. If UPL is not enabled, CPM profile does load...
CVE-2024-45050
Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif...
BIT-PYTHON-MIN-2020-8315
In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...
Fedora 37 : php-twig (2022-c6fe3ebd94)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c6fe3ebd94 advisory. Version 1.44.7 2022-09-28 Fix a security issue on filesystem loader possibility to load a template outside a configured directory Tenable has extracted the...
The vulnerability of the stbi__load_gif_main component in the C/C++ Libstb library, related to the repeated release of memory, allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the stbiloadgifmain component in the C/C++ Libstb library is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
PT-2023-12041 · Elastic · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: A security issue was found in Kibana where it failed to validate a user-supplied path, allowing the loading of .pbf files. This could enable a malicious user to traverse the Kibana host and...
SUSE-SU-2023:3528-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. bsc1214106 - CVE-2023-3824: Fixed a buffer overflow in phardirread. bsc1214103...
SUSE-SU-2023:0682-1 Security update for nodejs12
This update for nodejs12 fixes the following issues: - CVE-2023-23920: Fixed insecure loading of ICU data through ICUDATA environment bsc1208487...
SUSE CVE-2012-2869
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."...
CVE-2022-3034
When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird 102.2.1 and Thunderbird 91.13.1...
SONY Content Transfer Code Issue Vulnerability
SONY Content Transfer is a file transfer software from Sony Japan. It is suitable for customers who manage music, video, photo, and podcast content using iTunes, etc. SONY Content Transfer suffers from a code issue vulnerability that stems from the installer containing a DLL search path issue tha...
MGASA-2022-0353 Updated libjpeg packages fix security vulnerability
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c. CVE-2021-468...
PT-2022-24824 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.9 Discourse versions prior to 2.9.0.beta10 Description: A malicious actor can add large payloads of text into the Location and Website fields of a user profile, causing issues for other users when loading that...
Apple iOS 安全漏洞
Apple iOS is a set of operating systems developed by Apple Inc. for mobile devices. A security vulnerability previously existed in Apple iOS 15 and iPadOS 15, which stemmed from a logic issue when handling document loading...
PYSEC-2021-92
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...
Adobe Genuine Service Code Issue Vulnerability
Adobe Genuine Service is a licensed software service from Adobe. A security vulnerability exists in Adobe Genuine Service 6.6 and earlier versions based on Window and macOS platforms, which stems from the program not loading libraries correctly. An attacker could exploit the vulnerability to...