Lucene search
+L

57 matches found

vulnersOsv
vulnersOsv
added 2025/09/24 1:43 p.m.3 views

cosmos-predict2 (>=1.0.6 <=1.0.9), frankenstein-model (>=5.1.6 <=5.3.9) +8 more potentially affected by CVE-2025-23349 via megatron-core (=0.10.0)

megatron-core PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on megatron-core and may be impacted: - cosmos-predict2 =1.0.6, =5.1.6, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.9 Source cves: CVE-2025-23349...

7.8CVSS7AI score0.0022EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/24 1:13 p.m.10 views

CVE-2025-23348

NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretraingpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...

7.8CVSS0.0022EPSS
Exploits0References3
OSV
OSV
added 2025/09/09 9:19 p.m.5 views

GHSA-6VM5-6JV9-RJPJ MONAI: Unsafe torch usage may lead to arbitrary code execution

Summary In modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading methods still exist elsewhere in the project, such as when loading checkpoints. This is a common practice when...

8.8CVSS6AI score0.00684EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2025/06/24 3:46 p.m.7 views

cosmos-predict2 (>=1.0.6 <=1.0.9), frankenstein-model (>=5.1.6 <=5.3.9) +8 more potentially affected by CVE-2025-23264 via megatron-core (=0.10.0)

megatron-core PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on megatron-core and may be impacted: - cosmos-predict2 =1.0.6, =5.1.6, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.9 Source cves: CVE-2025-23264...

7.8CVSS7AI score0.00276EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/24 3:46 p.m.4 views

cosmos-predict2 (>=1.0.6 <=1.0.9), frankenstein-model (>=5.1.6 <=5.3.9) +8 more potentially affected by CVE-2025-23265 via megatron-core (=0.10.0)

megatron-core PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on megatron-core and may be impacted: - cosmos-predict2 =1.0.6, =5.1.6, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.9 Source cves: CVE-2025-23265...

7.8CVSS7AI score0.00276EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.5 views

Don't Throw the Baby out with the Bathwater: How and Why Deep Learning for ARC

The Abstraction and Reasoning Corpus ARC-AGI presents a formidable challenge for AI systems. Despite the typically low performance on ARC, the deep learning paradigm remains the most effective known strategy for generating skillful state-of-the-art neural networks NN across varied modalities and...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/07 12:0 a.m.5 views

Can In-Context Reinforcement Learning Recover from Reward Poisoning Attacks?

We study the corruption-robustness of in-context reinforcement learning ICRL, focusing on the Decision-Pretrained Transformer DPT, Lee et al., 2023. To address the challenge of reward poisoning attacks targeting the DPT, we propose a novel adversarial training framework, called Adversarially...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/16 12:0 a.m.6 views

Adversarially Robust Spiking Neural Networks with Sparse Connectivity

Deployment of deep neural networks in resource-constrained embedded systems requires innovative algorithmic solutions to facilitate their energy and memory efficiency. To further ensure the reliability of these systems against malicious actors, recent works have extensively studied adversarial...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.6 views

Secure Transfer Learning: Training Clean Models against Backdoor in (Both) Pre-Trained Encoders and Downstream Datasets

Transfer learning from pre-trained encoders has become essential in modern machine learning, enabling efficient model adaptation across diverse tasks. However, this combination of pre-training and downstream adaptation creates an expanded attack surface, exposing models to sophisticated backdoor...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.8 views

PT-2024-26627

Name of the Vulnerable Software and Affected Versions huggingface/transformers affected versions not specified Description The issue allows for arbitrary code execution through deserialization of untrusted data within the load repo checkpoint function of the TFPreTrainedModel class. Attackers can...

9.6CVSS6.9AI score0.02067EPSS
Exploits2References12
Prion
Prion
added 2024/02/11 3:15 a.m.21 views

Deserialization of untrusted data

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function applyxseg of the file main.py. The manipulation leads to deserialization. The attack may be initiated remotely. The complexity of ...

5.1CVSS7.1AI score0.00646EPSS
Exploits0References3
NVD
NVD
added 2024/01/18 1:15 a.m.25 views

CVE-2024-0654

A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been...

7.8CVSS6.1AI score0.00272EPSS
Exploits0References4
Prion
Prion
added 2024/01/18 1:15 a.m.20 views

Deserialization of untrusted data

A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been...

4.3CVSS7.2AI score0.00272EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/01/18 1:0 a.m.34 views

CVE-2024-0654 DeepFaceLab Util.py deserialization

A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been...

5.3CVSS7.9AI score0.00272EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.6 views

PT-2024-15721 · Unknown · Deepfacelab

Name of the Vulnerable Software and Affected Versions: DeepFaceLab pretrained DF.wf.288res.384.92.72.22 Description: A problematic vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. The issue affects an unknown function of the file mainscripts/Util.py and leads to...

7.8CVSS5.5AI score0.00272EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/12/10 12:0 a.m.6 views

DeepFaceLab Code Issues Vulnerabilities

DeepFaceLab is a leading software for video face swapping by iperov individual developers. A code issue vulnerability exists in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 version, which stems from a deserialization vulnerability in the file DFLIMG/DFLJPG.py...

7.5CVSS7.1AI score0.00853EPSS
Exploits0References4
n0where
n0where
added 2017/02/14 5:45 a.m.29 views

Detects Clickbait Headlines Using Deep Learning: Clickbait Detector

Detects Clickbait Headlines Using Deep Learning People continually fall for clickbait and as Wired in it’s article mentioned Whether you think clickbait is on the rise, obscurant and self-negating, not such a big deal, or the root of all evil, one thing is clear about it: It’s increasingly hard t...

7.2AI score
Exploits0References3
Rows per page
Query Builder