Lucene search
K

10700 matches found

Cvelist
Cvelist
added 2026/07/01 2:48 p.m.31 views

CVE-2026-24242

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure...

7.8CVSS0.00148EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:48 p.m.12 views

CVE-2026-24242

NVIDIA Megatron Bridge for Linux contains a vulnerability (CVE-2026-24242) that could allow a attacker to perform server-side request forgery, potentially leading to information disclosure. The NVIDIA security bulletin reassures that a software update to version 0.4.1 or later fixes this and othe...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:43 p.m.5 views

CVE-2026-24240

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/01 2:43 p.m.32 views

CVE-2026-24240

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00165EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:43 p.m.13 views

CVE-2026-24240

Summary (CVE-2026-24240): NVIDIA Megatron Bridge for Linux contains a vulnerability that allows deserialization of untrusted data, potentially enabling code execution, privilege escalation, data tampering, and information disclosure. Root cause: insecure deserialization in the bridge component. A...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:39 p.m.6 views

CVE-2025-23351

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS6.4AI score0.00269EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:36 p.m.5 views

CVE-2025-23350

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS6.4AI score0.00269EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.3 views

PT-2026-54715

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause deserialization of untrusted data. Deserialization is the process of converting a data format back into an object. A...

7.8CVSS6AI score0.00154EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.4 views

PT-2026-54714

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause deserialization of untrusted data. Deserialization is the process of converting a data format, such as JSON or XML, back...

7.8CVSS6AI score0.00154EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.4 views

PT-2026-54718

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause improper control of code generation. This could lead to code execution, escalation of privileges, data tampering, and...

7.8CVSS6AI score0.00175EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.5 views

PT-2026-54712

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists that allows an attacker to perform server-side request forgery SSRF, a technique where the attacker induces the server-side application to make reques...

7.8CVSS6AI score0.00148EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54719

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause deserialization of untrusted data. Deserialization is the process of converting a data format back into an object. A...

7.8CVSS6AI score0.00164EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54721

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause improper control of dynamically managed code resources. This could lead to code execution, escalation of privileges, dat...

7.8CVSS6AI score0.00155EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54713

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause deserialization of untrusted data. Deserialization is the process of converting a data format back into an object. A...

7.8CVSS6AI score0.00175EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.7 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux for NVIDIA. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.9AI score0.96267EPSS
Exploits280References33
Nvidia
Nvidia
added 2026/06/30 12:0 a.m.6 views

Security Bulletin: NVIDIA AIStore Framework - June 2026

NVIDIA has released a software update for NVIDIA® AIStore™ framework. To protect your system, download and install the latest version of the NVIDIA AIStore framework. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...

9.8CVSS5.8AI score0.00842EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

RHEL 10 : kernel (RHSA-2026:33486)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33486 advisory. A special build of the kernel packages for Red Hat Enterprise Linux for NVIDIA. For more details about the security issues, including the...

9.8CVSS7AI score0.96267EPSS
Exploits280References42
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/28 9:50 p.m.11 views

Malicious code in skillspector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c77584b4e40db9023ca0b8a90fa1bd611c859ed486f99ca3a7c9a83dbfa9877 This package presents itself as a redistribution of NVIDIA/skillspector pyproject Homepage points to github.com/NVIDIA/skillspector and the source...

5.9AI score
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 4:21 p.m.49 views

CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, an attacker can direct the node to read any file on the file-system by absolute path. All components based on BaseFileComponent are vulnerable to t...

9.6CVSS0.00411EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 4:21 p.m.21 views

CVE-2026-55447

Langflow’s BaseFileComponent family (including Read File, DoclingInlineComponent, DoclingServe, DoclingRemoteComponent, NvidiaIngestComponent, VideoFileComponent, UnstructuredComponent) is affected by CVE-2026-55447. The underlying issue is in base_file.py: _unpack_bundle TAR extraction does not ...

9.6CVSS5.9AI score0.00411EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder