Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-23335 2025-08-06 MEDIUM 4.4 NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration…
CVE-2025-23334 2025-08-06 MEDIUM 5.9 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A…
CVE-2025-23333 2025-08-06 MEDIUM 5.9 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data.…
CVE-2025-23331 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault,…
CVE-2025-23327 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this…
CVE-2025-23326 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of…
CVE-2025-23325 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this…
CVE-2025-23324 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing…
CVE-2025-23323 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing…
CVE-2025-23322 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed.…
CVE-2025-23321 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful…
CVE-2025-23320 2025-08-06 HIGH 7.5 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by…
CVE-2025-23319 2025-08-06 HIGH 8.1 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A…
CVE-2025-23318 2025-08-06 HIGH 8.1 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this…
CVE-2025-23317 2025-08-06 CRITICAL 9.1 NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful…
CVE-2025-23311 2025-08-06 CRITICAL 9.8 NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead…
CVE-2025-23310 2025-08-06 CRITICAL 9.8 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this…
CVE-2025-5197 2025-08-06 MEDIUM 5.3 A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, responsible for converting TensorFlow weight names…
CVE-2025-46391 2025-08-06 MEDIUM 6.5 CWE-284: Improper Access Control
CVE-2025-46390 2025-08-06 HIGH 7.5 CWE-204: Observable Response Discrepancy
CVE-2025-46389 2025-08-06 MEDIUM 6.5 CWE-620: Unverified Password Change
CVE-2025-46388 2025-08-06 MEDIUM 4.3 CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-46387 2025-08-06 HIGH 8.8 CWE-639 Authorization Bypass Through User-Controlled Key
CVE-2025-46386 2025-08-06 HIGH 8.8 CWE-639 Authorization Bypass Through User-Controlled Key
CVE-2025-8620 2025-08-06 MEDIUM 5.3 The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible…
CVE-2025-7771 2025-08-06 N/A 0.0 ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited…
CVE-2025-6013 2025-08-06 MEDIUM 6.5 Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are…
CVE-2025-22470 2025-08-06 CRITICAL 9.8 CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. An arbitrary Lua script may be executed…
CVE-2025-22469 2025-08-06 HIGH 7.3 OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may be executed on…
CVE-2025-8556 2025-08-06 LOW 3.7 A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point…
CVE-2025-7202 2025-08-06 N/A 0.0 A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights.
CVE-2025-7954 2025-08-06 N/A 0.0 A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.
CVE-2025-47324 2025-08-06 HIGH 7.5 Information disclosure while accessing and modifying the PIB file of a remote device via powerline.
CVE-2025-27076 2025-08-06 HIGH 7.8 Memory corruption while processing simultaneous requests via escape path.
CVE-2025-27075 2025-08-06 HIGH 7.8 Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
CVE-2025-27073 2025-08-06 HIGH 7.5 Transient DOS while creating NDP instance.
CVE-2025-27072 2025-08-06 MEDIUM 5.5 Information disclosure while processing a packet at EAVB BE side with invalid header length.
CVE-2025-27071 2025-08-06 HIGH 7.3 Memory corruption while processing specific files in Powerline Communication Firmware.
CVE-2025-27069 2025-08-06 HIGH 7.8 Memory corruption while processing DDI command calls.
CVE-2025-27068 2025-08-06 HIGH 7.8 Memory corruption while processing an IOCTL command with an arbitrary address.
CVE-2025-27067 2025-08-06 HIGH 7.8 Memory corruption while processing DDI call with invalid buffer.
CVE-2025-27066 2025-08-06 HIGH 7.5 Transient DOS while processing an ANQP message.
CVE-2025-27065 2025-08-06 HIGH 7.5 Transient DOS while processing a frame with malformed shared-key descriptor.
CVE-2025-27062 2025-08-06 HIGH 7.8 Memory corruption while handling client exceptions, allowing unauthorized channel access.
CVE-2025-21477 2025-08-06 HIGH 7.5 Transient DOS while processing CCCH data when NW sends data with invalid length.
CVE-2025-21474 2025-08-06 HIGH 7.8 Memory corruption while processing commands from A2dp sink command queue.
CVE-2025-21473 2025-08-06 HIGH 7.8 Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
CVE-2025-21472 2025-08-06 MEDIUM 5.5 Information disclosure while capturing logs as eSE debug messages are logged.
CVE-2025-21465 2025-08-06 MEDIUM 6.5 Information disclosure while processing the hash segment in an MBN file.
CVE-2025-21464 2025-08-06 MEDIUM 6.5 Information disclosure while reading data from an image using specified offset and size parameters.
« Anterior Página 938 de 4305 Siguiente »