6.6

CVSS3.1

CVE-2025-65960 - Contao is vulnerable to remote code execution in template closures

Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, back end users with precise control over the contents of template closures can execute arbitrary PHP functions that do not have required parameters. This issue has been patched in versions 4.13.57, โ€ฆ

๐Ÿ“… Published: Nov. 25, 2025, 6:54 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 8 p.m.

7.6

CVSS3.1

CVE-2025-33203 -

NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.

๐Ÿ“… Published: Nov. 25, 2025, 6:10 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 6:10 p.m.

7.3

CVSS3.1

CVE-2025-33205 -

NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.

๐Ÿ“… Published: Nov. 25, 2025, 6:07 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 6:07 p.m.

7.8

CVSS3.1

CVE-2025-33204 -

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tโ€ฆ

๐Ÿ“… Published: Nov. 25, 2025, 6:06 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 6:06 p.m.

2.3

CVSS3.1

CVE-2025-33200 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

๐Ÿ“… Published: Nov. 25, 2025, 6 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 9:33 p.m.

3.2

CVSS3.1

CVE-2025-33199 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering.

๐Ÿ“… Published: Nov. 25, 2025, 6 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 9:23 p.m.

3.3

CVSS3.1

CVE-2025-33198 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

๐Ÿ“… Published: Nov. 25, 2025, 6 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 9:07 p.m.

4.3

CVSS3.1

CVE-2025-33197 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

๐Ÿ“… Published: Nov. 25, 2025, 6 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 9:02 p.m.

4.4

CVSS3.1

CVE-2025-33196 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

๐Ÿ“… Published: Nov. 25, 2025, 5:59 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 8:13 p.m.

4.4

CVSS3.1

CVE-2025-33195 -

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges.

๐Ÿ“… Published: Nov. 25, 2025, 5:59 p.m. ๐Ÿ”„ Last Modified: Nov. 25, 2025, 7:40 p.m.
Total resulsts: 319389
Page 2 of 31,939
ยซ previous page ยป next page
Filters