Vulnerabilities > Numpy

DATE CVE VULNERABILITY TITLE RISK
2021-12-17 CVE-2021-41495 NULL Pointer Dereference vulnerability in Numpy
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays.
network
high complexity
numpy CWE-476
5.3
2021-12-17 CVE-2021-41496 Classic Buffer Overflow vulnerability in Numpy
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values.
local
low complexity
numpy CWE-120
5.5
2021-12-17 CVE-2021-33430 Classic Buffer Overflow vulnerability in Numpy
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service.
network
high complexity
numpy CWE-120
5.3
2021-12-17 CVE-2021-34141 Incorrect Comparison vulnerability in multiple products
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects.
network
low complexity
numpy oracle CWE-697
5.3
2019-01-16 CVE-2019-6446 Deserialization of Untrusted Data vulnerability in multiple products
An issue was discovered in NumPy 1.16.0 and earlier.
network
low complexity
numpy fedoraproject CWE-502
critical
9.8
2018-01-08 CVE-2014-1859 Link Following vulnerability in multiple products
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
local
low complexity
numpy redhat fedoraproject CWE-59
5.5
2018-01-08 CVE-2014-1858 Improper Input Validation vulnerability in Numpy
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
local
low complexity
numpy CWE-20
5.5
2017-08-15 CVE-2017-12852 Infinite Loop vulnerability in Numpy
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation.
network
low complexity
numpy CWE-835
7.5