374 matches found
Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...
MAL-2026-3836 Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...
CVE-2026-24204
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2026-24186
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24186
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24204
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
EUVD-2026-26077
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2026-24204
The CVE-2026-24204 entry concerns NVIDIA FLARE SDK, where the flaw is an improper input validation via path traversal in the SDK. This could allow an attacker to disclose information with network access and low privileges, as described in the NVIDIA bulletin. Affected product: NVIDIA FLARE SDK; v...
CVE-2026-24204
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2026-24204
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2026-24204
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2026-24186
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24186
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24186
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
EUVD-2026-26076
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24186
CVE-2026-24186 affects NVIDIA FLARE SDK, specifically the FOBS component. The vulnerability allows deserialization of untrusted data via a malicious FOBS-encoded message, which could lead to code execution. Affected product: NVIDIA FLARE SDK; affected version range includes all pre-2.7.2 builds. ...
EUVD-2026-26075
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information...
NVIDIA FLARE SDK 输入验证错误漏洞
NVIDIA FLARE SDK is a federal learning application development toolkit provided by NVIDIA Corporation in the United States. The NVIDIA Flare SDK has a vulnerability related to input validation errors. This vulnerability stems from path traversal, which leads to improper input validation,...
NVIDIA FLARE SDK 代码问题漏洞
NVIDIA FLARE SDK is a federal learning application development toolkit provided by NVIDIA Corporation in the United States. There are code-related vulnerabilities in NVIDIA FLARE SDK, which stem from issues with the FOBS component. These vulnerabilities may allow attackers to send malicious...
Security Bulletin: NVIDIA FLARE SDK - April 2026
NVIDIA has released a software update for NVIDIA® FLARE™ SDK. To protect your system, clone or update this software to NVIDIA FLARE SDK v2.7.2 or later from NVIDIA/NVFlare on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...