CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52304 – Stack overflow in paddle.searchsorted
https://notcve.org/view.php?id=CVE-2023-52304
03 Jan 2024 — Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. Desbordamiento de pila en paddle.searchsorted en PaddlePaddle antes de 2.6.0. Este fallo puede provocar una denegación de servicio o incluso más daños. Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-013.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52303 – Segfault in paddle.put_along_axis
https://notcve.org/view.php?id=CVE-2023-52303
03 Jan 2024 — Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. Puntero Null en paddle.put_along_axis en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-012.md • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52302 – Segfault in paddle.nextafter
https://notcve.org/view.php?id=CVE-2023-52302
03 Jan 2024 — Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. Puntero Null en paddle.nextafter en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-011.md • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38678 – Segfault in paddle.mode
https://notcve.org/view.php?id=CVE-2023-38678
03 Jan 2024 — OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. Acceso OOB en paddle.mode en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. OOB access in paddle.mode in PaddlePaddle before 2.6.0. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-010.md • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38677 – FPE in paddle.linalg.eig
https://notcve.org/view.php?id=CVE-2023-38677
03 Jan 2024 — FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. FPE en paddle.linalg.eig en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-009.md • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38676 – Segfault in paddle.dot
https://notcve.org/view.php?id=CVE-2023-38676
03 Jan 2024 — Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. Puntero Null en paddle.dot en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. Nullptr in paddle.dot in PaddlePaddle before 2.6.0. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-008.md • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38675 – FPE in paddle.linalg.matrix_rank
https://notcve.org/view.php?id=CVE-2023-38675
03 Jan 2024 — FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. FPE en paddle.linalg.matrix_rank en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-007.md • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38674 – FPE in paddle.nanmedian
https://notcve.org/view.php?id=CVE-2023-38674
03 Jan 2024 — FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. FPE en paddle.nanmedian en PaddlePaddle antes de 2.6.0. Este fallo puede provocar un bloqueo del tiempo de ejecución y una denegación de servicio. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-006.md • CWE-369: Divide By Zero •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38673 – Command injection in fs.py
https://notcve.org/view.php?id=CVE-2023-38673
26 Jul 2023 — PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system. PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-005.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38672 – FPE in paddle.linalg.matrix_power
https://notcve.org/view.php?id=CVE-2023-38672
26 Jul 2023 — FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-004.md • CWE-369: Divide By Zero •