8 matches found
Amazon Linux 2023 : cuda-13 (ALAS2023NVIDIA-2026-257)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-257 advisory. NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if...
Amazon Linux 2023 : cuda-compat-13-0 (ALAS2023NVIDIA-2026-275)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-275 advisory. NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability mig...
Command Injection
Overview runx is a runx - experiment manager for machine learning research Affected versions of this package are vulnerable to Command Injection in undisclosed functionality. According to the vendor, an attacker can execute arbitrary code, escalate privileges, cause denial of service, disclose...
Amazon Linux 2023 : cuda-toolkit-12 (ALAS2023NVIDIA-2025-209)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-209 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...
Amazon Linux 2023 : libnvjitlink-12, libnvjitlink-devel-12 (ALAS2023NVIDIA-2025-198)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-198 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...
Amazon Linux 2023 : cuda-cuobjdump-13 (ALAS2023NVIDIA-2025-143)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-143 advisory. Placeholder CVE. Details forthcoming CVE-2025-23280 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for th...
Arbitrary Code Injection
Overview megatron-core is a Megatron Core - a library for efficient and scalable training of transformer based models Affected versions of this package are vulnerable to Arbitrary Code Injection via the file uploading process. An attacker can execute arbitrary code, escalate privileges, access...
Arbitrary Code Injection
Overview megatron-core is a Megatron Core - a library for efficient and scalable training of transformer based models Affected versions of this package are vulnerable to Arbitrary Code Injection via the file uploading process. An attacker can execute arbitrary code, escalate privileges, access...