Loading HuntDB...

Vulnerabilities

CVE-2024-1603

HIGH

paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.

Published Mar 23, 2024

CVE-2024-0818

CRITICAL

Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6

Published Mar 07, 2024

CVE-2024-0917

CRITICAL

remote code execution in paddlepaddle/paddle 2.6.0

Published Mar 07, 2024

CVE-2024-0815

CRITICAL

Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0

Published Mar 07, 2024

CVE-2024-0817

CRITICAL

Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0

Published Mar 07, 2024

CVE-2024-0521

CRITICAL

Code Injection in paddlepaddle/paddle

Published Jan 20, 2024

CVE-2023-52314

CRITICAL

PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.

Published Jan 03, 2024

CVE-2023-52313

MEDIUM

FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52312

MEDIUM

Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52311

CRITICAL

PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.

Published Jan 03, 2024

CVE-2023-52310

CRITICAL

PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.

Published Jan 03, 2024

CVE-2023-52309

HIGH

Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

Published Jan 03, 2024

CVE-2023-52308

MEDIUM

FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52307

HIGH

Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

Published Jan 03, 2024

CVE-2023-52306

MEDIUM

FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52305

MEDIUM

FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52304

HIGH

Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

Published Jan 03, 2024

CVE-2023-52303

MEDIUM

Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-52302

MEDIUM

Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38678

MEDIUM

OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38677

MEDIUM

FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38676

MEDIUM

Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38675

MEDIUM

FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38674

MEDIUM

FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Published Jan 03, 2024

CVE-2023-38673

CRITICAL

PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.

Published Jul 26, 2023

CVE-2023-38672

MEDIUM

FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.

Published Jul 26, 2023

CVE-2023-38671

HIGH

Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

Published Jul 26, 2023

CVE-2023-38670

MEDIUM

Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.

Published Jul 26, 2023

CVE-2023-38669

HIGH

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.

Published Jul 26, 2023

CVE-2022-46742

CRITICAL

Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.

Published Dec 07, 2022

CVE-2022-46741

HIGH

Out-of-bounds read in gather_tree in PaddlePaddle before 2.4. 

Published Dec 07, 2022