AI Sec Watch

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability in its Python backend where an attacker could send a request that causes an out-of-bounds read (accessing memory outside the intended bounds), potentially leading to information disclosure (leaking sensitive data). The vulnerability has a CVSS 4.0 severity rating.

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability in its Python backend where an attacker could manipulate shared memory data to cause an out-of-bounds read (reading data from memory locations that should not be accessed). This vulnerability could potentially lead to information disclosure, meaning an attacker might be able to see sensitive data they shouldn't have access to.

NVIDIA Triton Inference Server (software that runs AI models on Windows and Linux) has a vulnerability where an attacker could send a specially crafted request that causes the server to try allocating an extremely large amount of memory, resulting in a crash (segmentation fault, which is when a program stops running due to a memory error). This could lead to a denial of service attack (making the service unavailable to legitimate users).

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability where an attacker could cause an integer overflow (a bug where a number becomes too large for the system to handle properly) by sending specially crafted inputs, potentially leading to denial of service (making the service unavailable) and data tampering. The severity rating from NIST has not yet been assigned.

NVIDIA Triton Inference Server (software that runs AI models on servers) for Windows and Linux has a vulnerability where an attacker could send specially crafted input that causes an integer overflow (when a number calculation exceeds the maximum value a computer can store, causing unexpected behavior), potentially leading to a denial of service attack (making the service unavailable to legitimate users).

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability where an attacker could send a specially crafted input that causes uncontrolled recursion (a function repeatedly calling itself without stopping), leading to a denial of service (DoS, making the service unavailable to legitimate users). The vulnerability has a CVSS 4.0 severity rating, though a full severity assessment from NIST has not yet been provided.

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability where an integer overflow or wraparound (a mistake in how the software handles very large numbers, causing them to wrap around to negative values) can occur when a user sends an invalid request, potentially causing a segmentation fault (a crash where the program tries to access memory it shouldn't). This could allow an attacker to cause a denial of service (making the service unavailable to legitimate users).

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability where an integer overflow or wraparound (a bug where a number gets too large and wraps around to a very small value) can occur when a user sends an invalid request, potentially causing a segmentation fault (a crash where the program tries to access memory it shouldn't) and leading to denial of service (making the service unavailable to legitimate users). The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a vulnerability is).

NVIDIA Triton Inference Server for Windows and Linux has a vulnerability where a double free (a memory error where the same memory location is freed twice) can occur when multiple requests cancel a stream before it gets processed, potentially causing a denial of service (making the service unavailable). The vulnerability is tracked as CVE-2025-23322.