EUVD-2025-147389

Malicious code in tusya-fss-3a npm...

EulerOS 2.0 SP5 : docker-engine (EulerOS-SA-2024-2069)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

CBL Mariner 2.0 Security Update: cri-tools / kubernetes (CVE-2024-21626)

The version of cri-tools / kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21626 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI...

RHCOS 4 : OpenShift Container Platform 4.12.49 (RHSA-2024:0666)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0666 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...

Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Spectre variants 4 and 3a (CVE-2018-3639 CVE-2018-3640)

Summary IBM has released the following Unified Extensible Firmware Interface UEFI fixes for System x, Flex and BladeCenter systems in response to the vulnerabilities referred to as Spectre variants 4 and 3a. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow...

F5 Networks BIG-IP : RSRE Variant 3a vulnerability (K51801290)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K51801290 advisory. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may...

Malicious code in 3a-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx bbd096556ffc90070942d3750f4d790cad77115f15c0e3b8aec5d6788bc817d8 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-38749)

Summary Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. While deserializing unknown yaml content can lead to remote code execution. Vulnerability Details CVEID:CVE-2022-38750 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by a...

Siemens SIMATIC Spectre-NG Variants 3a and 4 (CVE-2018-3639)

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Stor...

Q2 2018 Speculative Execution Side Channel Update

Summary: Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors’ processors and operating systems. Intel is committed to product and...

ASB-A-153450752

In various functions in fscryptice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs Initialization Vectors, 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption...

Rockwell Automation ArmorStart 283D 600V 3A 24VDC 283D-FC3Z-10A Motor Starter

Binary data 753160.prm...

Rockwell Automation ArmorStart 283D 3A 120VAC 283D-F3D-10A Motor Starter

Binary data 753152.prm...

Mitsubishi FX3U-3A-ADP Analog I/O Module Detection

Binary data 750958.prm...

Rockwell Automation ArmorStart 283D 600V 3A 240VAC 283D-FC3B-10A Motor Starter

Binary data 753168.prm...

Rockwell Automation ArmorStart 283D 600V 3A 120VAC 283D-FC3D-10A Motor Starter

Binary data 753164.prm...

Consistent backup failures after installing vSphere 6.7 U1

Challenge After updating vCenter to 6.7U1, processing of all VMs fails with "Object reference not set to an instance of an object." Cause The issue is triggered by an update to the vSphere API version in vCenter 6.7 U1. Solution The issue affects only Veeam Backup & Replication 9.5 Update 3a...

Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US

No description provided...

Speculative Execution Side Channel Variants 4 and 3a - US

Lenovo Security Advisory: LEN-22133 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory or registers, circumventing expected privilege levels Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3639, CVE-2018-3640 Summary...

Security Advisory - Side-Channel Vulnerability Variants 3a and 4

Intel publicly disclosed new variants of the side-channel central processing unit CPU hardware vulnerabilities known as Spectre and Meltdown. These variants known as 3A （CVE-2018-3640）and 4 （CVE-2018-3639, local attackers may exploit these vulnerabilities to cause information leak on the affected...