3217 matches found
NVIDIA Triton Inference Server <= 26.02 - Authentication Bypass
NVIDIA Triton Inference Server contains an authentication bypass vulnerability, letting attackers bypass authentication and potentially execute code, escalate privileges, tamper data, cause denial of service, or disclose information, exploit requires no special conditions. id: CVE-2026-24207 info...
ShortCode Addons - Unauthenticated Options Update
WordPress plugin Shortcode Addons = 3.0.2 contains an unauthenticated arbitrary option update caused by insufficient access controls in the plugin, letting attackers modify options without authentication. id: CVE-2022-34487 info: name: ShortCode Addons - Unauthenticated Options Update author:...
CVE-2026-8919
Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...
CVE-2026-8919
CVE-2026-8919 affects ASUS GameSDK. A permissive cross-domain policy with untrusted domains could let a remote user induce a local UNC request to the application’s local service endpoint, exposing a local NTLM hash and enabling information disclosure, data tampering, or service disruption. The is...
EUVD-2026-44585
Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...
CVE-2026-47473
NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure...
CVE-2026-47471
NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service...
CVE-2026-24229
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, dat...
CVE-2026-24233
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the restricted unpickler used for model weight deserialization, where a local, unauthenticated attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of...
CVE-2026-24259
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critical function. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...
CVE-2026-24226
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...
CVE-2026-47481
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an authentication bypass through an alternative path or channel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2026-24226
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...
CVE-2026-24226
NVIDIA TensorRT-LLM for Linux (CVE-2026-24226) is affected; the vulnerability is described as improper control of code generation, potentially enabling code execution, data tampering, and information disclosure. The NVIDIA security bulletin lists affected versions 0.0 to v1.3.0rc12 with an update...
CVE-2026-24259
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critical function. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...
CVE-2026-24259
CVE-2026-24259 affects NVIDIA TensorRT-LLM for Linux. The vulnerability is described as missing authentication for a critical function, with potential outcomes including code execution, data tampering, and information disclosure. According to the NVIDIA security update, for this CVE the remediati...
CVE-2026-24229
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, dat...
CVE-2026-24229
CVE-2026-24229 affects NVIDIA TensorRT-LLM for Linux, specifically the disaggregated orchestrator. The issue allows an attacker to read, write, or delete internal cluster state by sending requests to the FastAPI server, potentially enabling information disclosure, data tampering, and denial of se...
CVE-2026-47473
NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure...
CVE-2026-47473
CVE-2026-47473 affects NVIDIA TensorRT-LLM. The vulnerability is a write-what-where condition in TensorRT-LLM components, with potential impacts including data tampering, denial of service, and information disclosure as described in multiple sources. NVIDIA’s security update table lists this CVE ...