Paddlepaddle@* Security Vulnerabilities and Issues — Paddlepaddle@* CVE List

Lucene search

PaddlepaddlePaddlepaddle*

26 matches found

CVE•added 2023/07/26 11:15 a.m.•145 views

CVE-2023-38670

Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.

7.5CVSS5.8AI score0.00168EPSS

CVE•added 2023/07/26 12:15 p.m.•130 views

CVE-2023-38673

PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.

9.8CVSS9.9AI score0.00342EPSS

CVE•added 2023/07/26 11:15 a.m.•124 views

CVE-2023-38671

Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

9.8CVSS9.2AI score0.00341EPSS

CVE•added 2024/03/07 1:15 p.m.•81 views

CVE-2024-0818

Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6

9.1CVSS9.2AI score0.00329EPSS

CVE•added 2022/12/07 8:15 a.m.•73 views

CVE-2022-46741

Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2022/11/26 2:15 a.m.•61 views

CVE-2022-45908

In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.

9.8CVSS9.7AI score0.00107EPSS

CVE•added 2023/07/26 10:15 a.m.•51 views

CVE-2023-38669

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.

9.8CVSS9.7AI score0.0029EPSS

CVE•added 2024/01/03 9:15 a.m.•41 views

CVE-2023-38677

FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•41 views

CVE-2023-52314

PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.

9.8CVSS9.9AI score0.00256EPSS

CVE•added 2023/07/26 12:15 p.m.•40 views

CVE-2023-38672

FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS5.7AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•40 views

CVE-2023-38678

OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00096EPSS

CVE•added 2024/01/03 9:15 a.m.•40 views

CVE-2023-52305

FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•40 views

CVE-2023-52310

PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.

9.8CVSS9.9AI score0.00256EPSS

CVE•added 2024/01/03 9:15 a.m.•39 views

CVE-2023-52312

Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00113EPSS

CVE•added 2024/01/03 9:15 a.m.•38 views

CVE-2023-52311

PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.

9.8CVSS9.9AI score0.00256EPSS

CVE•added 2024/01/03 9:15 a.m.•37 views

CVE-2023-52303

Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00113EPSS

CVE•added 2024/01/03 9:15 a.m.•35 views

CVE-2023-52304

Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

9.8CVSS9.3AI score0.00156EPSS

CVE•added 2024/01/03 9:15 a.m.•34 views

CVE-2023-38676

Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00113EPSS

CVE•added 2024/01/03 9:15 a.m.•34 views

CVE-2023-52309

Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

9.8CVSS9.5AI score0.00131EPSS

CVE•added 2024/01/03 9:15 a.m.•33 views

CVE-2023-52308

FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•32 views

CVE-2023-38674

FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•32 views

CVE-2023-52313

FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•31 views

CVE-2023-38675

FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•30 views

CVE-2023-52306

FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00097EPSS

CVE•added 2024/01/03 9:15 a.m.•29 views

CVE-2023-52302

Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

7.5CVSS7.3AI score0.00122EPSS

CVE•added 2024/01/03 9:15 a.m.•29 views

CVE-2023-52307

Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

9.8CVSS9.3AI score0.00131EPSS