CVE-2026-10717 Open-Seachest/Seachest show SCSI Defect List Vulnerability

Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect...

CVE-2025-23305

NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering...

Security Bulletin: IBM® Db2® is vulnerable to information disclosure and credential exposure to privileged users under specific conditions (CVE-2025-36131)

Summary IBM® Db2® clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system. Vulnerability Details CVEID:CVE-2025-36131 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes...

EUVD-2025-198023

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

EUVD-2025-198024

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

GO-2025-3998 NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator

NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

EUVD-2025-25828

Malicious code in bioql PyPI...

EUVD-2025-25824

Malicious code in bioql PyPI...

EUVD-2025-30973

Malicious code in bioql PyPI...

EUVD-2025-25826

Malicious code in bioql PyPI...

EUVD-2024-54889

Malicious code in bioql PyPI...

EUVD-2023-28535

Malicious code in bioql PyPI...

CVE-2025-23307

NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23314

CVE-2025-23314 affects NVIDIA NeMo Framework (NLP component). Exploitation could allow code injection with potential code execution, privilege escalation, data tampering, and information disclosure. Affected is the NeMo Framework across platforms; root cause not detailed in provided documents. Ex...

CVE-2025-23296

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23296

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23305

CVE-2025-23305 affects NVIDIA Megatron-LM across all platforms, describing a vulnerability in the tools component that enables code injection. A successful exploit could lead to code execution, privilege escalation, information disclosure, and data tampering. The Red Hat entry and NVIDIA security...

CVE-2025-23298

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23296

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23303

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering...