CLEANSTART-2026-LM72903 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 4.5.1-r0

Multiple security vulnerabilities affect the dcgm-exporter package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: skopeo-fips, amazon-ssm-agent-fips, rke2-cloud-provider-fips, pulumi, karma, kubernetes-ingress-defaultbackend-fips, falcoctl, mongodb-kubernetes-operator-fips, azcopy, crossplane-provider-aws-lambda, kubernetes-csi-external-attacher-fips, victoriametrics, sops-fips,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: skopeo-fips, rke2-cloud-provider-fips, pulumi, karma, falcoctl, azcopy, crossplane-provider-aws-lambda, kubernetes-csi-external-attacher-fips, sops-fips, kong-ingress-controller-fips, prometheus-node-exporter, longhorn-manager, jobset-fips, json-exporter,...

CLEANSTART-2026-NB26505 Security fixes for GHSA-F6X5-JH6R-WRFV, GHSA-J5W8-Q4QC-RX2X applied in versions: 4.5.1-r0

Multiple security vulnerabilities affect the dcgm-exporter package. These issues are resolved in later releases. See references for individual vulnerability details...

EUVD-2021-21056

Malware in sbrugna...

EUVD-2023-12297

Malicious code in bioql PyPI...

EUVD-2022-26980

Malicious code in bioql PyPI...

CVE-2023-0208

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

CVE-2022-21820

NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity...

CVE-2021-34398

NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of...

CVE-2023-0208

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

CVE-2023-0208

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

Heap overflow

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

CVE-2023-0208

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

CVE-2023-0208

NVIDIA DCGM for Linux contains a vulnerability in HostEngine server component where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering...

CVE-2023-0208

NVIDIA DCGM for Linux is affected by a heap-based buffer overflow in the HostEngine (server component) triggered by the bound socket. The issue can lead to denial of service and data tampering. NVIDIA’s security bulletin for CVE-2023-0208 states affected software includes DCGM for Linux, with all...

PT-2023-16087 · Nvidia · Nvidia Dcgm

Name of the Vulnerable Software and Affected Versions: NVIDIA DCGM for Linux affected versions not specified Description: The issue is related to a heap-based buffer overflow in the HostEngine component of NVIDIA DCGM for Linux. This can be triggered by a user through the bound socket, potentiall...

Security Bulletin: NVIDIA DCGM - March 2023

NVIDIA has released a software update for NVIDIA® Data Center GPU Manager DCGM. The update addresses security issues that may lead to denial of service and data tampering. To protect your system, download and install the latest DCGM release from the CUDA repositories. Go to NVIDIA Product Securit...

NVIDIA Data Center GPU Manager Remote Memory Corruption Exploit

NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback interface, but can also listen on the network for requests coming in on port 5555 remote mgmt. A native client named DCGMI allows users to make...

CVE-2022-21820

NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity...