PaddlePaddle Security Vulnerabilities
8.2CVSS
7.4AI Score
0.0004EPSS
Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle...
9.3CVSS
7.8AI Score
0.0004EPSS
9.1CVSS
7.4AI Score
0.0004EPSS
9.4CVSS
8.2AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
9.3CVSS
7.9AI Score
0.0004EPSS
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating...
9.8CVSS
8.6AI Score
0.001EPSS
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating...
9.8CVSS
8.6AI Score
0.001EPSS
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more...
9.8CVSS
7.6AI Score
0.001EPSS
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more...
9.8CVSS
7.6AI Score
0.001EPSS
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating...
9.8CVSS
8.6AI Score
0.001EPSS
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is...
9.8CVSS
7.8AI Score
0.001EPSS
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code...
9.8CVSS
9.8AI Score
0.003EPSS
9.1CVSS
9.1AI Score
0.002EPSS
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of...
7.5CVSS
7.3AI Score
0.0005EPSS
Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is...
9.8CVSS
9.4AI Score
0.001EPSS
PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating...
9.8CVSS
9.9AI Score
0.001EPSS
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of...
7.5CVSS
7.4AI Score
0.0005EPSS
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable...
9.8CVSS
9.7AI Score
0.001EPSS
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code...
9.8CVSS
9.8AI Score
0.003EPSS
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used...
9.3CVSS
9.3AI Score
0.002EPSS