108 matches found
CVE-2025-4287
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has bee...
CVE-2025-4287
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has bee...
PT-2025-19794 · Pytorch +1 · Pytorch +1
Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0+cu124 Description: A vulnerability was found in PyTorch, affecting the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. This issue leads to denial of service and can be exploited on the local host. The...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.13 (RHSA-2025:4437)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4437 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...
CVE-2025-30158 NamelessMC Forum iframe width/height abuse causing UI-based Denial of Service
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker ...
CVE-2025-29784 NamelessMC Has Lack of Length Validation for s Parameter in GET Requests
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long search queries. This oversight can lead to...
PyTorch Improper Resource Shutdown or Release vulnerability
A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...
CVE-2025-3730
A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...
CVE-2025-29912
CryptoLib (SDLS-EP) vulnerability in versions ≤ 1.3.3 involves a heap buffer overflow caused by an unsigned underflow in Crypto_TC_ProcessSecurity when the TC frame length fl is 0, interpreted as 65535 and leading to out-of-bounds access. Reported as CVE-2025-29912, it can enable DoS or potential...
Linux Distros Unpatched Vulnerability : CVE-2024-25111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked...
Linux Distros Unpatched Vulnerability : CVE-2023-25577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts,...
Linux Distros Unpatched Vulnerability : CVE-2021-32438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gfmediaexportfilters function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...
Linux Distros Unpatched Vulnerability : CVE-2016-4356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds read by clearing...
Linux Distros Unpatched Vulnerability : CVE-2015-1380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service abort via a crafted chunk-encoded body. CVE-2015-1380 Note that Nessus relie...
Linux Distros Unpatched Vulnerability : CVE-2016-9559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted image...
CVE-2025-1377 GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service
A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelfgetsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been...
CVE-2025-1376 GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elfstrptr in the library /libelf/elfstrptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The...
Advisory ROSA-SA-2025-2690
Software: zabbix 6.0.12 OS: ROSA Virtualization 3.0 packageevrstring: zabbix-6.0.12-1.0.1 CVE-ID: CVE-2023-32724 BDU-ID: 2024-06936 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Zabbix Universal Monitoring System is related to improper assignment of permissions for a critical resource...
CVE-2024-24759
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 23.12.4.2, a threat actor can bypass the server-side request forgery protection on the whole website with DNS Rebinding. The vulnerability can also lead to denial of service. Version 23.12.4.2 contai...