Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
numpy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34072
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. Th...
NA
CVE-2022-41884
TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. T...
Google Tensorflow 2.10.0
Google Tensorflow
409
VMScore
CVE-2022-29216
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reas...
Google Tensorflow 2.7.0
Google Tensorflow
Google Tensorflow 2.8.0
Google Tensorflow 2.9.0
312
VMScore
CVE-2021-41495
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows malicious users to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that valida...
Numpy Numpy
188
VMScore
CVE-2021-41496
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows malicious users to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negati...
Numpy Numpy
312
VMScore
CVE-2021-33430
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a v...
Numpy Numpy
445
VMScore
CVE-2021-34141
An incomplete string comparison in the numpy.core component in NumPy prior to 1.22.0 allows malicious users to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
Numpy Numpy
Oracle Communications Cloud Native Core Policy 22.1.3
668
VMScore
CVE-2019-6446
An issue exists in NumPy 1.16.0 and previous versions. It uses the pickle Python module unsafely, which allows remote malicious users to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it...
Numpy Numpy
Fedoraproject Fedora 30
3 Github repositories
187
VMScore
CVE-2014-1859
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy prior to 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
Numpy Numpy
Numpy Numpy 1.8.1
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
187
VMScore
CVE-2014-1858
__init__.py in f2py in NumPy prior to 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
Numpy Numpy
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »