Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
numpy numpy vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6446
An issue exists in NumPy 1.16.0 and previous versions. It uses the pickle Python module unsafely, which allows remote malicious users to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it...
Numpy Numpy
Fedoraproject Fedora 30
3 Github repositories
7.8
CVSSv3
CVE-2022-29216
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reas...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
7.5
CVSSv3
CVE-2022-41884
TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. T...
Google Tensorflow 2.10.0
Google Tensorflow
7.5
CVSSv3
CVE-2017-12852
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow malicious users to cause a DoS attack.
Numpy Numpy
5.5
CVSSv3
CVE-2021-41496
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows malicious users to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negati...
Numpy Numpy
5.5
CVSSv3
CVE-2014-1858
__init__.py in f2py in NumPy prior to 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
Numpy Numpy
5.5
CVSSv3
CVE-2014-1859
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy prior to 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
Numpy Numpy 1.8.1
Numpy Numpy
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 20
Fedoraproject Fedora 19
5.3
CVSSv3
CVE-2021-41495
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows malicious users to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that valida...
Numpy Numpy
5.3
CVSSv3
CVE-2021-34141
An incomplete string comparison in the numpy.core component in NumPy prior to 1.22.0 allows malicious users to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
Numpy Numpy
Oracle Communications Cloud Native Core Policy 22.1.3
5.3
CVSSv3
CVE-2021-33430
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a v...
Numpy Numpy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »