Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45908 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-04-25 | N/A | 9.8 CRITICAL |
|
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.
|
|||||
| CVE-2024-1603 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-01-24 | N/A | 7.5 HIGH |
|
paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.
|
|||||
| CVE-2024-0818 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-01-23 | N/A | 9.1 CRITICAL |
|
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
|
|||||
| CVE-2024-0917 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-01-19 | N/A | 9.8 CRITICAL |
|
remote code execution in paddlepaddle/paddle 2.6.0
|
|||||
| CVE-2024-0817 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-01-19 | N/A | 7.8 HIGH |
|
Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0
|
|||||
| CVE-2024-0815 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-01-19 | N/A | 8.8 HIGH |
|
Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0
|
|||||
| CVE-2023-52314 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 9.6 CRITICAL |
|
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
|
|||||
| CVE-2023-52313 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52312 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52311 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 9.6 CRITICAL |
|
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
|
|||||
| CVE-2023-52310 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 9.6 CRITICAL |
|
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
|
|||||
| CVE-2023-52309 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 8.2 HIGH |
|
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
|
|||||
| CVE-2023-52308 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52307 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 8.2 HIGH |
|
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
|
|||||
| CVE-2023-52306 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52305 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52304 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 8.2 HIGH |
|
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
|
|||||
| CVE-2023-52303 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-52302 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38678 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38677 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38676 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38675 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38674 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38673 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 9.6 CRITICAL |
|
PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.
|
|||||
| CVE-2023-38672 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.
|
|||||
| CVE-2023-38671 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 8.3 HIGH |
|
Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
|
|||||
| CVE-2023-38670 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.
|
|||||
| CVE-2023-38669 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 8.3 HIGH |
|
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.
|
|||||
| CVE-2022-46742 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 10.0 CRITICAL |
|
Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.
|
|||||
| CVE-2022-46741 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | N/A | 7.1 HIGH |
|
Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.
|
|||||