Shodan
Vulnerabilities
Vulnerable Software
Ggerganov:  Security Vulnerabilities
CVE-2024-42477
llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-08-12
CVE-2024-42478
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-08-12
CVE-2024-42479
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.
CVSS Score
10.0
EPSS Score
0.01
Published
2024-08-12
CVE-2024-23605
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-26
CVE-2024-23496
A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-26
CVE-2024-21802
A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.006
Published
2024-02-26
CVE-2024-21825
A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-02-26
CVE-2024-21836
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved