Ggerganov

Llama.Cpp

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-42477

  • EPSS 0.27%
  • Veröffentlicht 12.08.2024 15:15:21
  • Zuletzt bearbeitet 15.08.2024 14:02:23

llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.

9.8

CVE-2024-42478

Exploit
  • EPSS 0.49%
  • Veröffentlicht 12.08.2024 15:15:21
  • Zuletzt bearbeitet 15.08.2024 14:03:32

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561.

9.8

CVE-2024-42479

Exploit
  • EPSS 5.68%
  • Veröffentlicht 12.08.2024 15:15:21
  • Zuletzt bearbeitet 15.08.2024 14:03:53

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.

6.5

CVE-2024-41130

  • EPSS 0.1%
  • Veröffentlicht 22.07.2024 18:15:04
  • Zuletzt bearbeitet 27.08.2025 16:20:20

llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in gguf_init_from_file. This vulnerability is fixed in b3427.

8.8

CVE-2024-32878

  • EPSS 0.21%
  • Veröffentlicht 26.04.2024 21:15:49
  • Zuletzt bearbeitet 02.09.2025 18:30:15

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully c...

9.8

CVE-2024-23605

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.02.2024 16:27:57
  • Zuletzt bearbeitet 04.11.2025 19:16:54

A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerabi...

9.8

CVE-2024-23496

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.02.2024 16:27:56
  • Zuletzt bearbeitet 04.11.2025 19:16:54

A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulner...

9.8

CVE-2024-21802

Exploit
  • EPSS 0.63%
  • Veröffentlicht 26.02.2024 16:27:55
  • Zuletzt bearbeitet 04.11.2025 19:16:30

A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerabi...

9.8

CVE-2024-21825

Exploit
  • EPSS 0.25%
  • Veröffentlicht 26.02.2024 16:27:55
  • Zuletzt bearbeitet 04.11.2025 19:16:30

A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious f...

9.8

CVE-2024-21836

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.02.2024 16:27:55
  • Zuletzt bearbeitet 04.11.2025 19:16:30

A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vuln...