19 matches found
NVIDIA Merlin Transformers4Rec Code Injection Vulnerability
NVIDIA Merlin Transformers4Rec is a software for building serialized and conversational recommender systems from NVIDIA. NVIDIA Merlin Transformers4Rec suffers from a code injection vulnerability that stems from incorrectly filtering input parameters, which can be exploited by a remote attacker t...
CVE-2025-33233
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33233
NVIDIA Merlin Transformers4Rec (all platforms) is affected by CVE-2025-33233. The issue allows code injection due to the underlying vulnerability, with potential impact including code execution, escalation of privileges, information disclosure, and data tampering. The CVSSv3.1 vector is AV:L/AC:L...
CVE-2025-33233
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33233
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
NVIDIA Merlin Transformers4Rec Deserialization Vulnerability
NVIDIA Merlin Transformers4Rec is a software for building serialized and conversational recommender systems from NVIDIA. NVIDIA Merlin Transformers4Rec suffers from a deserialization vulnerability that originates from unsafe deserialization processing of serialized data submitted by a user when...
CVE-2025-33213
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
CVE-2025-33213
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
EUVD-2025-202258
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
CVE-2025-33213
CVE-2025-33213 affects NVIDIA Merlin Transformers4Rec for Linux. The Trainer component has a deserialization vulnerability that could enable code execution, denial of service, information disclosure, and data tampering. Public sources corroborate the issue and note an associated CVSS v3.1 base sc...
CVE-2025-33213
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
NVIDIA Merlin Transformers4Rec Code Injection Vulnerability
NVIDIA Merlin Transformers4Rec is a software for building serialized and conversational recommender systems from NVIDIA. NVIDIA Merlin Transformers4Rec suffers from a code injection vulnerability, which originates from a Python dependency, that can be exploited by an attacker to perform malicious...
CVE-2025-23298
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-23298
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-23298
Summary: CVE-2025-23298 affects NVIDIA Merlin Transformers4Rec. A vulnerability arises from a Python dependency in Transformers4Rec where loading a checkpoint with PyTorch’s torch.load() can deserialize objects via Python’s pickle, enabling arbitrary code execution. This could allow an attacker t...
CVE-2025-23298
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
NVIDIA Merlin Transformers4Rec 代码注入漏洞
NVIDIA Merlin Transformers4Rec is a software for building serialized and conversational recommender systems from NVIDIA. NVIDIA Merlin Transformers4Rec suffers from a code injection vulnerability, which originates from a Python dependency, that can be exploited by an attacker to perform malicious...
PT-2025-33045
Name of the Vulnerable Software and Affected Versions NVIDIA Merlin Transformers4Rec for all platforms affected versions not specified Description NVIDIA Merlin Transformers4Rec contains a flaw in a Python dependency that could allow an attacker to cause a code injection issue. Successful...
Security Bulletin: NVIDIA Merlin Transformers4Rec - August 2025
NVIDIA has released a software update for NVIDIA Merlin Transformers4Rec. To protect your system, install the software including the Github commit b7eaea5 of NVIDIA Merlin Transformers4Rec. Go to NVIDIA Product Security...