CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-33231

CVE-2025-33231 relates to NVIDIA Nsight Systems for Windows, where insecure DLL search paths in the application’s DLL loading mechanism allow an uncontrolled search path element. This could enable local attacker code execution, privilege escalation, data tampering, DoS, or information disclosure....

NVIDIA CUDA toolkit code issues and vulnerabilities

The NVIDIA CUDA toolkit is a toolset developed by NVIDIA Corporation in the United States. It provides a development environment for creating high-performance GPU-accelerated applications. The CUDA toolkit has code vulnerabilities that stem from defects in the application’s DLL loading mechanism...

CVE-2025-56005

An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...

MiracleLinux 7 : java-11-openjdk-11.0.18.0.10-1.el7 (AXSA:2023-4847:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4847:03 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.362.b08-1.el7 (AXSA:2023-4855:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4855:02 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : java-11-openjdk-11.0.18.0.10-2.el8 (AXSA:2023-4810:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4810:01 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : nodejs:14 (AXSA:2023-5289:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5289:01 advisory. decode-uri-component: improper input validation resulting in DoS CVE-2022-38900 glob-parent: Regular Expression Denial of Service CVE-2021-35065...

MiracleLinux 9 : java-11-openjdk-11.0.18.0.10-2.el9 (AXSA:2023-5032:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5032:05 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 9 : nodejs:18 (AXSA:2023-6072:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6072:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 c-ares: buffer overflow in configsortlist due to missing string length check...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.362.b09-2.el8 (AXSA:2023-4869:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4869:03 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : java-17-openjdk-17.0.6.0.10-3.el8 (AXSA:2023-4811:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4811:01 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

Raylib input validation vulnerability

Raylib is a simple and easy-to-use library developed by the creators of raysan5, designed for video game programming. Versions of RAYLIB 909f040 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow in the LoadFontData functi...

Security Bulletin: A vulnerability in Watson NLP affects IBM Robotic Process Automation which may result in arbitrary code execution (CVE-2025-1550).

Summary A vulnerability in Watson NLP affects IBM Robotic Process Automation which may result in arbitrary code execution. Watson NLP is used by IBM Robotic Process Automation for Natural Language Processing. This bulletin identifies the fixes required to address the vulnerablity. Vulnerability...

OESA-2026-1055 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2026-1052 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S...

CVE-2025-65118

The vulnerability, if exploited, could allow an authenticated miscreant OS Standard User to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server...