CVE-2025-23263

NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN...

EUVD-2025-21786

Malicious code in bioql PyPI...

CVE-2025-23263

NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN...

CVE-2025-23263

NVIDIA DOCA-Host and Mellanox OFED contain CVE-2025-23263: a vulnerability in the VGT+ feature that could allow a VM attacker to escalate privileges and cause a denial of service on VLAN. The issue affects DOCA-Host and Mellanox OFED with VGT+ enabled and eSwitch in Legacy mode. NVIDIA’s security...

NVIDIA DOCA-Host和NVIDIA Mellanox OFED 安全漏洞

NVIDIA DOCA-Host and NVIDIA Mellanox OFED are both products of NVIDIA Corporation, U.S.A. NVIDIA DOCA-Host is a software package for host servers.NVIDIA Mellanox OFED is an Enhanced Networking Driver Box Stack Suite. A security vulnerability exists in NVIDIA DOCA-Host and NVIDIA Mellanox OFED tha...

PT-2025-29929 · Nvidia +1 · Nvidia Doca-Host +1

Name of the Vulnerable Software and Affected Versions: NVIDIA DOCA-Host affected versions not specified Mellanox OFED affected versions not specified Description: NVIDIA DOCA-Host and Mellanox OFED contain an issue in the VGT+ feature that may allow an attacker on a virtual machine VM to escalate...

Security Bulletin: NVIDIA DOCA-Host and Mellanox OFED - July 2025

NVIDIA has released a software update for NVIDIA® DOCA Host and Mellanox OFED. To protect your system, download and install the latest update from the DOCA Framework page. For earlier evaluation versions, contact your account manager to get access through NVOnline. Go to NVIDIA Product Security...

SUSE: Security Advisory (SUSE-SU-2013:0713-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1784-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:1708-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : various KMPs (SUSE-SU-2019:13999-1) (Spectre)

This update rebuilds missing kernel modules KMP to use 'retpolines' mitigations for Spectre Variant 2 CVE-2017-5715. Rebuilt KMP packages : cluster-network drbd gfs2 iscsitarget ocfs2 ofed oracleasm Note that Tenable Network Security has extracted the preceding description block directly from the...

SUSE SLES11 Security Update : kernel modules packages (SUSE-SU-2018:1784-1) (Spectre)

The following kernel modules were rebuild with 'retpoline' enablement to allow full mitigation of the Spectre Variant 2 CVE-2017-5715, bsc1068032 OFED was adjusted to add an entry to control the loading/unloading of cxgb4 to /etc/sysconf/infiniband bsc926856. Note that Tenable Network Security ha...

SUSE-SU-2018:1784-1 Security update for kernel modules packages

The following kernel modules were rebuild with 'retpoline' enablement to allow full mitigation of the Spectre Variant 2 CVE-2017-5715, bsc1068032 OFED was adjusted to add an entry to control the loading/unloading of cxgb4 to /etc/sysconf/infiniband bsc926856...

SUSE SLES10 Security Update : OFED (SUSE-SU-2013:0713-1)

rds-ping in the OFED stack could have triggered a kernel BUG, which could have caused a local denial of service attack. CVE-2012-2372 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

SUSE SLES10 Security Update : ofed (SUSE-SU-2012:1708-1)

This update of ofed fixed multiple issues including security related flaws : - sdp: move histogram allocation from stack to heap bnc706175 - cma: Fix crash in request handlers bnc678795, CVE-2011-0695 - rds: set correct msgnamelen bnc773383, CVE-2012-3430 - cm: Bump reference count on cmid before...

SuSE 10 Security Update : OFED (ZYPP Patch Number 8507)

rds-ping in the OFED stack could have triggered a kernel BUG, which could have caused a local denial of service attack. CVE-2012-2372 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

SuSE 10 Security Update : ofed (ZYPP Patch Number 8386)

This update of ofed fixed multiple issues including security related flaws : - sdp: move histogram allocation from stack to heap. bnc706175 - cma: Fix crash in request handlers. bnc678795, CVE-2011-0695 - rds: set correct msgnamelen. bnc773383, CVE-2012-3430 - cm: Bump reference count on cmid...

SuSE 11.1 Security Update : OFED (SAT Patch Number 5384)

This update fixes the following reports for OFED : - 704914: Fixed NFS client over TCP hangs due to packet loss. - 693243: Fixed issue with building lustre against ofed-devel. - 706175: Fix crash on accessing /proc/net/sdpstats - 722030: Cannot load ibipath - 703752: Prevent BUGON triggering on...

Memory corruption

ulp/sdp/sdpproc.c in the ibsdp module aka ibsdp.ko in the ofakernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution OFED before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service stack memory...

CVE-2011-3345

ulp/sdp/sdpproc.c in the ibsdp module aka ibsdp.ko in the ofakernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution OFED before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service stack memory...