317 matches found
CVE-2025-65889
A type validation flaw in the flow.dstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206431
A segmentation violation in the oneflow.logicalor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
OneFlow is an open-source deep learning framework developed by OneFlow. Version 0.9.0 of OneFlow contains a security vulnerability. This vulnerability stems from a problem with the flow.floordivide component, which allows zero-division attacks, potentially leading to denial-of-service attacks usi...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability. This vulnerability stems from a flaw in the flow.cuda.getdevicecapability component, which lacks proper verification of GPU device IDs. This could lead to...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability, which stems from a shape mismatch issue. This vulnerability could lead to denial-of-service attacks using specially crafted tensor shapes...
PT-2026-5177
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71004
A segmentation violation in the oneflow.logicalor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71001
A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71001
A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71007
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206413
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206474
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65890
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...
PT-2026-5148
A GPU device-ID validation flaw in the flow.cuda.get device capability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...
CVE-2025-70999
A GPU device-ID validation flaw in the flow.cuda.getdevicecapability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...
CVE-2025-65889
A type validation flaw in the flow.dstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71001
CVE-2025-71001 affects OneFlow v0.9.0 in the flow.column_stack component, where a segmentation fault can be triggered by crafted input to cause a Denial of Service. The vulnerability is documented across multiple sources (NVD/Red Hat/OSV/etc.) with no fixed version provided by the included refere...
CVE-2025-65891
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...