CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53880
https://notcve.org/view.php?id=CVE-2024-53880
12 Feb 2025 — NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5612 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0116
https://notcve.org/view.php?id=CVE-2024-0116
01 Oct 2024 — NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5565 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0095
https://notcve.org/view.php?id=CVE-2024-0095
13 Jun 2024 — NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA Triton Inference Server para Linux y Windows contiene una vulnerabilidad en la que un usuario puede inyectar registros falsificados y comandos ejecutables in... • https://nvidia.custhelp.com/app/answers/detail/a_id/5546 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0088
https://notcve.org/view.php?id=CVE-2024-0088
09 May 2024 — NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. NVIDIA Triton Inference Server para Linux contiene una vulnerabilidad en las API de memoria compartida, donde un usuario puede causar un problema de acceso inadecuado a la memoria mediante una API de red. Una explotación exitosa de esta vulnerabilidad pod... • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0100
https://notcve.org/view.php?id=CVE-2024-0100
09 May 2024 — NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering. NVIDIA Triton Inference Server para Linux contiene una vulnerabilidad en la API de seguimiento, donde un usuario puede dañar archivos del sistema. Una explotación exitosa de esta vulnerabilidad podría provocar denegación de servicio y manipulación de datos. • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-73: External Control of File Name or Path •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0087
https://notcve.org/view.php?id=CVE-2024-0087
09 May 2024 — NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. If this file exists, logs are appended to the file. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA Triton Inference Server para Linux contiene una vulnerabilidad en la que un usuario puede configurar la ubicación de registro en un archivo arbitrario. Si este a... • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-73: External Control of File Name or Path •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-31036
https://notcve.org/view.php?id=CVE-2023-31036
12 Jan 2024 — NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA Triton Inference Server para Linux y Windows contiene una vulnerabilidad en la que, cuando se inic... • https://nvidia.custhelp.com/app/answers/detail/a_id/5509 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •