
Overview

  • NVIDIA
  • NVIDIA Isaac-GR00T N1

13 Aug 2025
Published
13 Aug 2025
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.02%

KEV

Description

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

~Trendmicro~ Trend Micro's new ÆSIR AI platform has discovered 21 critical zero-day vulnerabilities in foundational AI infrastructure from NVIDIA, Tencent, and others. - IOCs: CVE-2025-23296, CVE-2025-33183, CVE-2025-33184 - #0day #AI #ThreatIntel
  • 6h ago

Overview

  • Fastw3b LLC
  • FW Gallery
  • fw-gallery

17 Jun 2025
Published
26 Jun 2025
Updated

CVSS v3.1
HIGH (8.6)
EPSS
0.06%

KEV

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fastw3b LLC FW Gallery allows Path Traversal. This issue affects FW Gallery: from n/a through 8.0.0.

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse


RE: hachyderm.io/@evacide/11590066

Vulnerability introduced by AI-enhanced media processing.

• Attackers can leverage tiny memory corruption windows
• Media decoder memory layouts present consistent security vulnerabilities

thank you 🙇🏻 @evacide for this high-quality explainer with references:

1. CVE-2025-49415
2. CVE-2025-54957
3. CVE-2025-36934
4. Dolby Digital (DD) and Dolby Digital Plus (DD+) audio formats
5. ETSI audio format specification

this isn't over imo. #infosec

  • 4h ago

Overview

  • NVIDIA
  • NVIDIA Isaac-GR00T N1.5

18 Nov 2025
Published
19 Nov 2025
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.02%

KEV

Description

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

~Trendmicro~ Trend Micro's new ÆSIR AI platform has discovered 21 critical zero-day vulnerabilities in foundational AI infrastructure from NVIDIA, Tencent, and others. - IOCs: CVE-2025-23296, CVE-2025-33183, CVE-2025-33184 - #0day #AI #ThreatIntel
  • 6h ago

Overview

  • SICK AG
  • Incoming Goods Suite

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (4.2)
EPSS
Pending

KEV

Description

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation:

  • Multiple organizations must exist in the Grafana instance
  • Victim must be on a different organization than the one specified in the URL

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • Incoming Goods Suite

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (5.0)
EPSS
Pending

KEV

Description

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • Incoming Goods Suite

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (5.3)
EPSS
Pending

KEV

Description

Certain requests pass the authentication token in the URL as a string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • Incoming Goods Suite

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (5.3)
EPSS
Pending

KEV

Description

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • TDC-X401GL

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
Pending

KEV

Description

An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, leading to the extraction of sensitive data.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • Incoming Goods Suite

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (6.8)
EPSS
Pending

KEV

Description

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago

Overview

  • SICK AG
  • TDC-X401GL

15 Jan 2026
Published
15 Jan 2026
Updated

CVSS v3.1
MEDIUM (5.3)
EPSS
Pending

KEV

Description

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 8 hours ago
Showing 71 to 80 of 91 CVEs