235 matches found
EUVD-2021-8684
Malicious code in bioql PyPI...
EUVD-2021-8683
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-23171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash...
Linux Distros Unpatched Vulnerability : CVE-2021-21373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, nimble refresh fetches a list of Nimble...
Linux Distros Unpatched Vulnerability : CVE-2020-15693
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part o...
Linux Distros Unpatched Vulnerability : CVE-2020-15692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be open...
Linux Distros Unpatched Vulnerability : CVE-2021-29495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled ...
Linux Distros Unpatched Vulnerability : CVE-2020-15690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character. CVE-2020-15690 Note that Nessus relie...
Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Tampering and Elevation of Privilege due to the use of AIX NIM
Summary The use of AIX NIM exposes IBM Virtualization Engine TS7700 to vulnerabilities identified as CVE-2024-56346 and CVE-2024-56347, making it susceptible to tampering and privilege escalation attacks. These weaknesses in AIX could be exploited by a remote attacker to execute unauthorized...
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection...
Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
Learn how Trend's Cybertron has been harnessing the power of NVIDIA Universal LLM NIM Microservices...
CVE-2020-23171
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...
CVE-2024-56346
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls...
Vulnerabilities fixed in IBM AIX
IBM has fixed vulnerabilities in IBM AIX Specifically for versions 7.2 and 7.3. The vulnerabilities are in the NIM master service and the nimsh service's SSL/TLS protection mechanisms in IBM AIX versions 7.2 and 7.3. These vulnerabilities can be exploited by remote malicious actors to execute...
CVE-2024-56346
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls...
CVE-2024-56346
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls...
CVE-2024-56346
Summary of CVE-2024-56346 and related IBM AIX NIM vulnerabilities. The primary issue involves the nimsh/NIM master service on IBM AIX (NIM master) enabling remote code execution due to improper process controls. Affected products/versions per connected advisories: AIX 7.2 and 7.3, and VIOS 3.1 an...
IBM AIX 安全漏洞
IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture by International Business Machines IBM. A security vulnerability exists in IBM AIX versions 7.2 and 7.3 that stems from improper control of the nimesis NIM master service process, which could allow a...
Linux Distros Unpatched Vulnerability : CVE-2021-46872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI sche...
CVE-2024-42475
In the OAuth library for nim prior to version 0.11, the state values generated by the generateState function do not have sufficient entropy. These can be successfully guessed by an attacker allowing them to perform a CSRF vs a user, associating the user's session with the attacker's protected...