Lucene search
+L

7203 matches found

Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.16 views

PT-2026-56078

Name of the Vulnerable Software and Affected Versions Coder versions 2.33.0 through 2.33.7 Coder versions 2.34.0 through 2.34.1 Description AI Bridge provider handlers read request bodies using io.ReadAll without enforcing a maximum size. An authenticated user with AI Bridge access can send an...

6.5CVSS6AI score0.00552EPSS
Exploits0References11
OSV
OSV
added 2026/07/02 4:14 p.m.6 views

USN-8501-1 linux vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS7.1AI score0.00591EPSS
Exploits11References15
PyPA
PyPA
added 2026/07/02 2:13 p.m.6 views

OpenStack Neutron Race Condition vulnerability

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

5.9CVSS6.2AI score0.01847EPSS
Exploits0References14Affected Software1
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-686 OpenStack Neutron Race Condition vulnerability

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

5.9CVSS5.9AI score0.01847EPSS
Exploits0References14
OSV
OSV
added 2026/07/01 5:15 p.m.12 views

USN-8493-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS6.3AI score0.09796EPSS
Exploits4References65
Snyk
Snyk
added 2026/07/01 4:19 p.m.6 views

Deserialization of Untrusted Data

Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with data...

8.5CVSS6.1AI score0.00175EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 4:19 p.m.7 views

Server-side Request Forgery (SSRF)

Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the request process. An attacker can access internal resources and potentially disclose sensitive...

8.5CVSS5.9AI score0.00148EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 4:19 p.m.6 views

Deserialization of Untrusted Data

Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with dat...

8.5CVSS6.1AI score0.00169EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2026-24246

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24251

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.13 views

CVE-2026-24247

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24250

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.13 views

CVE-2026-24248

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24245

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00154EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24243

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.13 views

CVE-2026-24242

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure...

7.8CVSS0.00148EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24244

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00154EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 3:28 p.m.10 views

USN-8491-1 linux-oem-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...

9.8CVSS5.8AI score0.00817EPSS
Exploits9References63
Ubuntu
Ubuntu
added 2026/07/01 3:28 p.m.13 views

USN-8491-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...

9.8CVSS6.2AI score0.00817EPSS
Exploits9
Cvelist
Cvelist
added 2026/07/01 2:58 p.m.36 views

CVE-2026-24251

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00155EPSS
Exploits0References3
Rows per page
Query Builder