29 matches found
EUVD-2019-15077
Malware in sbrugna...
EUVD-2024-15878
Malicious code in bioql PyPI...
EUVD-2025-25825
Malicious code in bioql PyPI...
EUVD-2022-29364
Malicious code in bioql PyPI...
EUVD-2021-6587
Malicious code in bioql PyPI...
CVE-2025-23313
Summary (CVE-2025-23313) : NVIDIA NeMo Framework (NLP component) across platforms is described as vulnerable to code injection via malicious data. The underlying root cause is not detailed in the provided documents, but the consequence could include code execution, privilege escalation, informati...
CVE-2025-23298
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-23295
NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...
Linux Distros Unpatched Vulnerability : CVE-2023-0189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of...
CVE-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...
CVE-2024-37526 IBM Watson Query on Cloud Pak for Data information disclosure
IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...
CVE-2024-10490
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an...
CVE-2024-0104
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC are affected by CVE-2024-0104 due to a vulnerability in the LDAP AAA component that can lead to information disclosure, data tampering, and privilege escalation. The issue is described across multiple sources (NVD, Red Hat, CVE lists) as ...
RHEL 7 : ansible (RHSA-2019:3744)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3744 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
CVE-2023-31036 CVE
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lea...
CVE-2023-34334
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...
PT-2022-6803 · Unknown +2 · Openimageio +2
Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.3.19.0 Description: An information disclosure issue exists in the OpenImageIO::decode iptc iim functionality. This is related to reading beyond the valid boundaries of a data buffer. A specially-crafted TIFF file can lea...
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...
Solarwinds Kiwi Syslog Server 配置错误漏洞
Solarwinds Kiwi Syslog Server is an affordable Syslog management tool for network and system engineers from Solarwinds USA. It is used to receive syslog messages and Snmp traps from network devices routers, switches, firewalls, etc. and Linux®/Unix® hosts. A security vulnerability exists in...
petchillhk.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1083236 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...