EUVD-2024-38941
Malicious code in bioql PyPI...
EUVD-2025-23833
Malicious code in bioql PyPI...
EUVD-2025-19627
Malicious code in bioql PyPI...
EUVD-2022-0285
Malicious code in bioql PyPI...
EUVD-2025-23836
Malicious code in bioql PyPI...
text-generation-inference: Unbounded external image fetch in validation leads to resource-exhaustion DoS
Description: Text Generation Inference Router DoS via pre-validation image fetch in VLM mode. Affected: Router workspace version 3.3.6 (the latest in the repo), when deployed with a vision/VLM model, e.g. Idefics/Mllama/Idefics2/Idefics3/Gemma3/Llama4/Paligemma/LlavaNext/Qwen2VL/Qwen25VL. Pure text LLMs do...
Integer Overflow leads to DoS in API `v2/models/<model-name>/infer`
This report is not public...
Dynamic Causal Attack Graph Based Cyber-Security Risk Assessment Framework for CTCS System
Protecting the security of the train control system is a critical issue in ensuring the safe and reliable operation of high-speed trains. Scientific modeling and analysis of the security risk is a promising way to guarantee system security. However, the representation and assessment of the...
SecInfer: Preventing Prompt Injection Via Inference-Time Scaling
Prompt injection attacks pose a pervasive threat to the security of Large Language Models (LLMs). State-of-the-art prevention-based defenses typically rely on fine-tuning an LLM to enhance its security, but they achieve limited effectiveness against strong attacks. In this work, we propose...
Noisy Networks, Nosy Neighbors: Inferring Privacy Invasive Information from Encrypted Wireless Traffic
This thesis explores the extent to which passive observation of wireless traffic in a smart home environment can be used to infer privacy-invasive information about its inhabitants. Using a setup that mimics the capabilities of a nosy neighbor in an adjacent flat, we analyze raw 802.11 packets an...
RAG Security and Privacy: Formalizing the Threat Model and Attack Surface
Retrieval-Augmented Generation (RAG) is an emerging approach in natural language processing that combines large language models (LLMs) with external document retrieval to produce more accurate and grounded responses. While RAG has shown strong potential in reducing hallucinations and improving factua...
Coherence-Driven Inference for Cybersecurity
Large language models (LLMs) can compile weighted graphs on natural language data to enable automatic coherence-driven inference (CDI) relevant to red and blue team operations in cybersecurity. This represents an early application of automatic CDI that holds near- to medium-term promise for...
CVE-2025-23316
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code...
NVIDIA Triton Inference Server Operating System Command Injection Vulnerability
NVIDIA Triton Inference Server is open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an operating system command injection vulnerability that stems from the Python backend not...
NVIDIA Triton Inference Server Input Validation Error Vulnerability (CNVD-2025-23136)
NVIDIA Triton Inference Server is open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an input validation error vulnerability that stems from an improper input validation issue in t...
NVIDIA Triton Inference Server Access Control Error Vulnerability
NVIDIA Triton Inference Server is open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. An access control error vulnerability exists in NVIDIA Triton Inference Server, which can be exploited by attackers to cause memory...
NVIDIA Triton Inference Server Input Validation Error Vulnerability
NVIDIA Triton Inference Server is open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an input validation error vulnerability that originates from loading a misconfigured model, whi...
Inference Attacks on Encrypted Online Voting Via Traffic Analysis
Online voting enables individuals to participate in elections remotely, offering greater efficiency and accessibility in both governmental and organizational settings. As this method gains popularity, ensuring the security of online voting systems becomes increasingly vital, as the systems...
NVIDIA Triton Inference Server Out-of-Bounds Write Vulnerability
NVIDIA Triton Inference Server is open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an out-of-bounds write vulnerability that can be exploited by attackers to cause a denial of...
CVE-2025-23328
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...