EUVD-2024-19734

Malicious code in bioql PyPI...

EUVD-2023-28609

Malicious code in bioql PyPI...

CVE-2025-39896

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...

CVE-2023-53353 accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone memmgr IDR destruction to hprivrelease The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffe...

CVE-2023-53350 accel/qaic: Fix slicing memory leak

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix slicing memory leak The temporary buffer storing slicing configuration data from user is only freed on error. This is a memory leak. Free the buffer unconditionally...

SUSE CVE-2025-39722

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...

Linux Distros Unpatched Vulnerability : CVE-2025-39722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller o...

DEBIAN-CVE-2025-39711

In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing meicldevdisable calls Both the ACE and CSI driver are missing a meicldevdisable call in their remove function. This causes the meicl client to stay part of the meidevice-filelist...

CVE-2025-39722 crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...

CVE-2025-39721

CVE-2025-39721 (Linux kernel, crypto: qat) : Repeated loading/unloading of a device-specific QAT driver (e.g., qat_4xxx) can trigger a use-after-free when a power-management interrupt fires just before the core intel_qat.ko remains loaded. The shared workqueue qat_misc_wq may still host a deferre...

Malicious code in azure-open-ai-accelerator (npm)

The package azure-open-ai-accelerator was found to contain malicious code...

Microarchitecture Design and Benchmarking of Custom SHA-3 Instruction for RISC-V

Integrating cryptographic accelerators into modern CPU architectures presents unique microarchitectural challenges, particularly when extending instruction sets with complex and multistage operations. Hardware-assisted cryptographic instructions, such as Intel's AES-NI and ARM's custom instructio...

Intel DSA Search Path Uncontrolled Vulnerability

Intel DSA is a hardware gas pedal built into Intel® Xeon® Scalable processors that accelerates storage, networking, and data analytics workloads by offloading data transfer tasks to dedicated hardware, freeing up CPU resources for other tasks. Intel DSA suffers from an uncontrolled search path...

Linux Distros Unpatched Vulnerability : CVE-2020-36423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consid...

Malicious code in web-accelerator (npm)

The package web-accelerator was found to contain malicious code...

MAL-2025-38962 Malicious code in web-accelerator (npm)

The package web-accelerator was found to contain malicious code...

CVE-2025-26404

Uncontrolled search path for some IntelR DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-26404

Uncontrolled search path for some IntelR DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-26404

CVE-2025-26404 concerns Intel® DSA (Driver & Support Assistant) software prior to version 25.2.15.9. The issue is an uncontrolled search path that may allow an authenticated user to escalate privileges via local access. Impact is described as privilege escalation with high secrecy/impact on confi...

Intel DSA 代码问题漏洞

Intel DSA is a hardware gas pedal built into Intel® Xeon® Scalable processors that accelerates storage, networking, and data analytics workloads by offloading data transfer tasks to dedicated hardware, freeing up CPU resources for other tasks. Intel DSA suffers from an uncontrolled search path...