317 matches found
CVE-2025-71007
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-5214
Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description A crafted input to the oneflow.view component can trigger a floating point exception FPE, leading to a Denial of Service DoS. Recommendations At the moment, there is no information about a newer version that...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-71007
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-5223
Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description An input validation issue exists in the oneflow.index add component. This can be exploited to cause a Denial of Service DoS by providing a crafted input. Recommendations Update to a newer version that contains...
PT-2026-5178
A segmentation violation in the flow.column stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
OneFlow is an open-source deep learning framework developed by OneFlow. Version 0.9.0 of OneFlow contains a security vulnerability, which stems from insufficient input validation in the flow.arange component. This vulnerability could lead to denial-of-service attacks...
EUVD-2025-206473
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...
CVE-2025-65891
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...
CVE-2025-71002
A floating-point exception FPE in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206413
An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206481
A dimension validation flaw in the flow.empty component of OneFlow 0.9.0 allows attackers to cause a Denial of Service DoS via a negative or excessively large dimension value...
PT-2026-5140
A dimension validation flaw in the flow.empty component of OneFlow 0.9.0 allows attackers to cause a Denial of Service DoS via a negative or excessively large dimension value...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-70999
A GPU device-ID validation flaw in the flow.cuda.getdevicecapability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...
CVE-2025-65891
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-71005
A floating point exception FPE in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-5215
Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description A crafted input to the oneflow.reshape component can trigger a floating point exception FPE, leading to a Denial of Service DoS. Recommendations At the moment, there is no information about a newer version tha...
CVE-2025-65888
The entries for CVE-2025-65888 describe a concrete flaw in OneFlow 0.9.0: a dimension validation issue in the flow.empty() component that allows a Denial of Service when given a negative or excessively large dimension value. The vulnerability is supported across multiple feeds (NVD, Red Hat, CIRC...