Lucene search
+L

6 matches found

osv
osv
added 2026/06/22 10:10 p.m.4 views

CVE-2026-54233 vLLM: OOM Denial of Service via Audio Decompression Bomb

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to 14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0...

6.5CVSS5.9AI score0.00243EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2024/08/21 3:9 p.m.18 views

CVE-2024-43410 Russh has an OOM Denial of Service due to allocation of untrusted amount

Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...

7.5CVSS6.8AI score0.00912EPSS
Exploits1References2
cvelist
cvelist
added 2024/08/21 3:9 p.m.25 views

CVE-2024-43410 Russh has an OOM Denial of Service due to allocation of untrusted amount

Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...

7.5CVSS0.00912EPSS
Exploits1References2
github
github
added 2022/02/09 11:39 p.m.66 views

Integer overflows in Tensorflow

Impact The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial of service: python import tensorflow as tf import...

6.5CVSS3AI score0.01097EPSS
Exploits1References9Affected Software3
osv
osv
added 2022/02/03 12:15 p.m.18 views

PYSEC-2022-76

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS3.6AI score0.01097EPSS
Exploits1References5
cvelist
cvelist
added 2022/02/03 11:52 a.m.21 views

CVE-2022-23567 Integer overflows in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.6AI score0.01097EPSS
Exploits1References5
Rows per page
Query Builder