Lucene search
K

76 matches found

F5 Networks
F5 Networks
added 2025/05/19 2:47 a.m.20 views

K000151398: PyTorch vulnerability CVE-2025-32434

Security Advisory Description PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model...

9.8CVSS9.3AI score0.01917EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.16 views

CBL Mariner 2.0 Security Update: pytorch (CVE-2025-32434)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32434 advisory. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural...

9.8CVSS8.5AI score0.01917EPSS
Exploits1References2
Veracode
Veracode
added 2025/03/13 10:4 a.m.10 views

Arbitrary Code Execution (ACE)

PickleScan is vulnerable to Arbitrary Code Execution ACE. The vulnerability is due to PickleScan failing to detect malicious pickle files when specific ZIP file flag bits are modified, allowing attackers to embed harmful pickle files that remain unnoticed while still being loaded by PyTorch’s...

9.8CVSS7AI score0.00512EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2025/02/27 2:18 a.m.7 views

CVE-2025-21784

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...

5.5CVSS5.6AI score0.00193EPSS
Exploits0
Citrix
Citrix
added 2025/02/25 12:0 a.m.8 views

Citrix Profile Management fails to load When User Personalization Layer is enabled

When User Personalization Layer UPL is enabled, Citrix Profile Management CPM profile is is not loaded. If UPL is not enabled, CPM profile does load...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 3:33 a.m.4 views

CVE-2024-45050

Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif...

7.1CVSS7AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2025/01/16 7:23 a.m.11 views

BIT-PYTHON-MIN-2020-8315

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...

5.5CVSS5.5AI score0.01345EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/15 12:0 a.m.9 views

Fedora 37 : php-twig (2022-c6fe3ebd94)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c6fe3ebd94 advisory. Version 1.44.7 2022-09-28 Fix a security issue on filesystem loader possibility to load a template outside a configured directory Tenable has extracted the...

7.5CVSS7.3AI score0.01557EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.5 views

The vulnerability of the stbi__load_gif_main component in the C/C++ Libstb library, related to the repeated release of memory, allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the stbiloadgifmain component in the C/C++ Libstb library is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

10CVSS7.4AI score0.00959EPSS
Exploits0References9Affected Software3
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.7 views

PT-2023-12041 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: A security issue was found in Kibana where it failed to validate a user-supplied path, allowing the loading of .pbf files. This could enable a malicious user to traverse the Kibana host and...

4.3CVSS4.2AI score0.00704EPSS
Exploits0References6
OSV
OSV
added 2023/09/05 7:59 a.m.7 views

SUSE-SU-2023:3528-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. bsc1214106 - CVE-2023-3824: Fixed a buffer overflow in phardirread. bsc1214103...

9.8CVSS9.6AI score0.08003EPSS
Exploits4References5
OSV
OSV
added 2023/03/08 4:29 p.m.8 views

SUSE-SU-2023:0682-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: - CVE-2023-23920: Fixed insecure loading of ICU data through ICUDATA environment bsc1208487...

4.2CVSS6AI score0.00471EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.5 views

SUSE CVE-2012-2869

Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."...

7.5CVSS9.7AI score0.01911EPSS
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.6 views

CVE-2022-3034

When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird 102.2.1 and Thunderbird 91.13.1...

4.3CVSS8.2AI score
Exploits0References3
CNVD
CNVD
added 2022/10/13 12:0 a.m.2 views

SONY Content Transfer Code Issue Vulnerability

SONY Content Transfer is a file transfer software from Sony Japan. It is suitable for customers who manage music, video, photo, and podcast content using iTunes, etc. SONY Content Transfer suffers from a code issue vulnerability that stems from the installer containing a DLL search path issue tha...

7.8CVSS7.7AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2022/10/01 5:48 p.m.3 views

MGASA-2022-0353 Updated libjpeg packages fix security vulnerability

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c. CVE-2021-468...

5.5CVSS5.7AI score0.01009EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/29 12:0 a.m.5 views

PT-2022-24824 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.9 Discourse versions prior to 2.9.0.beta10 Description: A malicious actor can add large payloads of text into the Location and Website fields of a user profile, causing issues for other users when loading that...

4.3CVSS4.5AI score0.00805EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.4 views

Apple iOS 安全漏洞

Apple iOS is a set of operating systems developed by Apple Inc. for mobile devices. A security vulnerability previously existed in Apple iOS 15 and iPadOS 15, which stemmed from a logic issue when handling document loading...

6.5CVSS6.5AI score0.00855EPSS
Exploits0References3
PyPA
PyPA
added 2021/06/02 4:15 p.m.6 views

PYSEC-2021-92

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...

7.5CVSS7AI score0.02453EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/05/08 12:0 a.m.7 views

Adobe Genuine Service Code Issue Vulnerability

Adobe Genuine Service is a licensed software service from Adobe. A security vulnerability exists in Adobe Genuine Service 6.6 and earlier versions based on Window and macOS platforms, which stems from the program not loading libraries correctly. An attacker could exploit the vulnerability to...

6.5CVSS6.5AI score0.00683EPSS
Exploits0References1
Rows per page
Query Builder