ZDI-25-144: NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to bypass authentication on affected installations of NVIDIA Riva. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2025-23243.

OpenIPMI-2.0.36-1.fc41

FEDORA-2025-ae55d50be2 Packages in this update: OpenIPMI-2.0.36-1.fc41 Update description: Update to 2.0.36 Fixes CVE-2024-42934 Read More

March 16, 2025

chromium-134.0.6998.88-3.fc42

FEDORA-2025-6b9cbdbdff Packages in this update: chromium-134.0.6998.88-3.fc42 Update description: Update to 134.0.6998.88 High CVE-2025-1920: Type Confusion in V8 High CVE-2025-2135: Type...

March 15, 2025

jupyterlab-4.3.6-1.fc41

FEDORA-2025-e50201543b Packages in this update: jupyterlab-4.3.6-1.fc41 Update description: Update to 4.3.6 (rhbz#2352545) Read More

March 14, 2025

jupyterlab-4.3.6-1.fc40

FEDORA-2025-1d68ba6806 Packages in this update: jupyterlab-4.3.6-1.fc40 Update description: Update to 4.3.6 (rhbz#2352545) Read More

March 14, 2025

MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Sante PACS Server Could Allow for Remote Code Execution – PATCH NOW – TLP: CLEAR

Multiple vulnerabilities have been discovered in Sante PACS Server, the most severe of which could allow for remote code execution....

March 14, 2025

dotnet8.0-8.0.114-1.fc40

FEDORA-2025-83c147615e Packages in this update: dotnet8.0-8.0.114-1.fc40 Update description: This is the monthly update for .NET for March 2025. Release Notes:...

March 14, 2025

ClickFix: How to Infect Your PC in Three Easy Steps

Friday Squid Blogging: SQUID Band

Upcoming Speaking Engagements

LockBit Ransomware Developer Extradited to US

TP-Link Router Botnet

Fraudsters Impersonate Clop Ransomware to Extort Businesses

Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director

Volt Typhoon Accessed US OT Network for Nearly a Year

CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure

ZDI-25-144: NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability

OpenIPMI-2.0.36-1.fc41

chromium-134.0.6998.88-3.fc42

jupyterlab-4.3.6-1.fc41

jupyterlab-4.3.6-1.fc40

MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Sante PACS Server Could Allow for Remote Code Execution – PATCH NOW – TLP: CLEAR

dotnet8.0-8.0.114-1.fc40