A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker...

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour. More information :...

Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2020723

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via...

NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering. More...

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead...

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and...

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to...

NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code...

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to...

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this...

HCL Traveler is susceptible to a weak default HTTP header validation vulnerability, which could allow an attacker to bypass additional authentication checks. More information : https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129139

pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the local_check decorator in pyLoad’s ClickNLoad feature can be bypassed by any remote attacker through HTTP...

pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before version 0.5.0b3.dev97, the set_config_value() API endpoint allows users with the non-admin SETTINGS permission to modify any configuration option...