Shodan
Vulnerabilities
Vulnerable Software
Oneflow:  >> Oneflow  Security Vulnerabilities
CVE-2025-70999
A GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted device ID.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-28
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-28
CVE-2025-65891
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-28
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-28
CVE-2025-65887
A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input tensor with zero.
CVSS Score
6.5
EPSS Score
0.001
Published
2026-01-28
CVE-2025-65888
A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-28
CVE-2025-65889
A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-28
CVE-2025-65890
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-28
CVE-2025-63397
Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-10
CVE-2024-36734
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the dim parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-06-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved