Vendor

PaddlePaddle

Products

CVEs

Across products

Status

Private

Products

Paddle
31 CVEs

Recent CVEs

View all 31 CVEs →

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2024-1603	PaddlePaddle Paddle	—	0.00	Mar 23, 2024	paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.
CVE-2024-0818	PaddlePaddle Paddle	—	0.00	Mar 7, 2024	Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
CVE-2024-0917	PaddlePaddle Paddle	—	0.02	Mar 7, 2024	remote code execution in paddlepaddle/paddle 2.6.0
CVE-2024-0815	PaddlePaddle Paddle	—	0.00	Mar 7, 2024	Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0
CVE-2024-0817	PaddlePaddle Paddle	—	0.00	Mar 7, 2024	Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0
CVE-2024-0521	PaddlePaddle Paddle	—	0.00	Jan 20, 2024	Code Injection in paddlepaddle/paddle
CVE-2023-52314	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52313	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52312	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52311	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52310	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52309	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
CVE-2023-52308	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52307	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52306	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52305	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52304	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52303	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52302	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-38678	PaddlePaddle Paddle	—	0.00	Jan 3, 2024	OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

CVE-2024-1603Mar 23, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.
CVE-2024-0818Mar 7, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
CVE-2024-0917Mar 7, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.02
remote code execution in paddlepaddle/paddle 2.6.0
CVE-2024-0815Mar 7, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0
CVE-2024-0817Mar 7, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0
CVE-2024-0521Jan 20, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Code Injection in paddlepaddle/paddle
CVE-2023-52314Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52313Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52312Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52311Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52310Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52309Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
CVE-2023-52308Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52307Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52306Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52305Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52304Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52303Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52302Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-38678Jan 3, 2024
PaddlePaddle
Paddle
risk 0.00cvss —epss 0.00
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

View all 31 CVEs →