50 matches found
Malicious code in colorinal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security aac66e0b739a7c06226108da151ee90cc6b406fcf287093e3ca4da4f5eebf79e This package is malicious and allows an attack remote code execution on Windows and Linux machines. The package termncolor uses colorinal ...
CVE-2025-23316
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code...
CVE-2025-23329
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of service...
CVE-2025-10227
Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...
CVE-2025-10226
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
CVE-2025-26498
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux establish-connection-no-undo modules allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...
CVE-2025-26496
CVE-2025-26496 concerns a Type Confusion vulnerability in Salesforce Tableau Server and Tableau Desktop (Windows, Linux) within their File Upload modules, enabling Local Code Inclusion. Affected versions include Tableau Server/Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19. The issu...
PT-2025-34493 · Salesforce · Tableau Server
Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: A Path Traversal vulnerability exists in Salesforce Tableau Server on Windows and Linux due to improp...
Linux Distros Unpatched Vulnerability : CVE-2021-1077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a...
CVE-2025-23323
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service...
PT-2025-32166 · Nvidia · Nvidia Triton Inference Server
Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server for Windows and Linux affected versions not specified Description: NVIDIA Triton Inference Server is susceptible to an integer overflow triggered by specially crafted inputs. Successful exploitation of this issu...
CVE-2024-0092
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service...
EUVD-2025-12508
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217...
UBUNTU-CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
CVE-2024-0091
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering...
DEBIAN-CVE-2024-0131
NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service...
UBUNTU-CVE-2024-0150
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering...
GHSA-P8H7-C8GW-6X8C LoLLMS Path Traversal vulnerability
A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 9.5.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse...
Attacks, Vulnerabilities and Actors 23 October to 29 October 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...
UBUNTU-CVE-2023-0184
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering...