CVE-2024-42479

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-123
View all →

Vulnerability Description

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.

Related Vulnerabilities

CVE-2014-5435

CRITICAL
CVSS:9.8(Critical)

An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote...

CWE-1232014

CVE-2015-8271

CRITICAL
CVSS:9.8(Critical)

The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.

CWE-1232015

CVE-2020-2001

CRITICAL
CVSS:9.8(Critical)

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interfac...

CWE-1232020

CVE-2021-38441

CRITICAL
CVSS:9.8(Critical)

Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.

CWE-1232021

CVE-2021-38449

CRITICAL
CVSS:9.8(Critical)

Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected produc...

CWE-1232021

CVE-2022-38143

CRITICAL
CVSS:9.8(Critical)

A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can l...

CWE-1232022