CVE Alert: CVE-2025-23304
Vulnerability Summary: CVE-2025-23304 NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker...
CVE Alert: CVE-2025-23296
Vulnerability Summary: CVE-2025-23296 NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause...
CVE Alert: CVE-2025-23298
Vulnerability Summary: CVE-2025-23298 NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could...
CVE Alert: CVE-2025-23303
Vulnerability Summary: CVE-2025-23303 NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of...
CVE Alert: CVE-2024-12303
Vulnerability Summary: CVE-2024-12303 An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 18.0.6, 18.1 before...
CVE Alert: CVE-2025-2498
Vulnerability Summary: CVE-2025-2498 An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior...
CVE Alert: CVE-2025-23295
Vulnerability Summary: CVE-2025-23295 NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause...
CVE Alert: CVE-2025-23294
Vulnerability Summary: CVE-2025-23294 NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated...
CVE Alert: CVE-2025-23306
Vulnerability Summary: CVE-2025-23306 NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could...
CVE Alert: CVE-2025-2614
Vulnerability Summary: CVE-2025-2614 An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before...
HackerOne Bug Bounty Disclosure: remote-code-execution-in-amazon-mwaa-due-to-outdated-apache-airflow-version-ricardojoserf
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:ricardojoserfLink to Submitters Profile:https://hackerone.com/ricardojoserf Report Title:Remote Code Execution in Amazon MWAA...
HackerOne Bug Bounty Disclosure: url-path-manipulation-enables-cache-poisoning-of-amazon-affiliate-products-in-shopify-linkpop-saltymermaid
Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:saltymermaidLink to Submitters Profile:https://hackerone.com/saltymermaid Report Title:URL Path Manipulation Enables Cache Poisoning of...
HackerOne Bug Bounty Disclosure: -x-vc-index-js-exposed-google-maps-api-key-allowing-potential-abuse-of-paid-services-abdallasamir
Company Name: 8x8 Bounty Company HackerOne URL: https://hackerone.com/8x8-bounty Submitted By:abdallasamir12Link to Submitters Profile:https://hackerone.com/abdallasamir12 Report Title:8x8vc/indexjs: Exposed Google Maps API Key...
CVE Alert: CVE-2025-50616
Vulnerability Summary: CVE-2025-50616 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the...
CVE Alert: CVE-2025-50617
Vulnerability Summary: CVE-2025-50617 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the...
CVE Alert: CVE-2025-23305
Vulnerability Summary: CVE-2025-23305 NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit...
CVE Alert: CVE-2025-45317
Vulnerability Summary: CVE-2025-45317 A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code...
CVE Alert: CVE-2025-50615
Vulnerability Summary: CVE-2025-50615 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the...
CVE Alert: CVE-2025-45316
Vulnerability Summary: CVE-2025-45316 A cross-site scripting (XSS) vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-45315
Vulnerability Summary: CVE-2025-45315 A cross-site scripting (XSS) vulnerability in the /controller/admin.php endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-45314
Vulnerability Summary: CVE-2025-45314 A cross-site scripting (XSS) vulnerability in the /Calendar endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-2937
Vulnerability Summary: CVE-2025-2937 An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before...
CVE Alert: CVE-2025-7739
Vulnerability Summary: CVE-2025-7739 An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under...
CVE Alert: CVE-2025-8770
Vulnerability Summary: CVE-2025-8770 An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1...
