← Back

Ni Grpc Device Server

ni_grpc_device_server

Vendor: Ni • 7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
6.3 MEDIUM· v4
5.3 MEDIUM· v3
N/A· v2
There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This a...Show more
There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.Show less
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
9.3 CRITICAL· v4
9.1 CRITICAL· v3
N/A· v2
There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback.  This may allow an unauthenticated user access to the server on the...Show more
There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback.  This may allow an unauthenticated user access to the server on the local network.  This affects NI grpc-device 2.17.0 and prior versions.Show less
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
6.0 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion.  This affects NI grpc-device 2.17.0 and prior versions.
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
7.1 HIGH· v4
6.5 MEDIUM· v3
N/A· v2
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successf...Show more
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message containing an out-of-range value. This affects NI grpc-device 2.17.0 and prior versions.Show less
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash.  Successful exploitation requires an attacker...Show more
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash.  Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI grpc-device 2.17.0 and prior versions.Show less
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially cr...Show more
There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions.Show less
1Ni
2Instrumentstudio
Ni Grpc Device Server
Jun 25, 2026
Jun 19, 2026
9.3 CRITICAL· v4
9.8 CRITICAL· v3
N/A· v2
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution.  S...Show more
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution.  Successful exploitation requires an attacker  to supply a specially crafted Moniker protobuf message.  This affects NI grpc-device 2.17.0 and prior versions.Show less