2500 matches found

Fedora
added 2025/11/27 1:0 a.m., 5 views

[SECURITY] Fedora 42 Update: docker-buildkit-0.26.1-1.fc42

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

CVSS 4.3, AI score 6.8, EPSS 0.00382
Exploits: 0
Fedora
added 2025/11/26 12:52 a.m., 8 views

[SECURITY] Fedora 43 Update: docker-buildkit-0.26.1-1.fc43

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

CVSS 4.3, AI score 6.8, EPSS 0.00382
Exploits: 0
SUSE CVE
added 2025/11/26 12:24 a.m., 2 views

SUSE CVE-2025-59089

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

CVSS 5.9, AI score 7.1, EPSS 0.00453
Exploits: 0, References: 5
Snyk
added 2025/11/20 5:36 p.m., 3 views

Nonce Reuse

Overview: @hpke/core is a Hybrid Public Key Encryption (HPKE) core module for various JavaScript runtimes. Affected versions of this package are vulnerable to Nonce Reuse via the public SenderContext Seal API. An attacker can compromise the confidentiality and integrity of encrypted messages by...

CVSS 9.9, AI score 6.8, EPSS 0.00193
Exploits: 0, References: 2
OSV
added 2025/11/20 5:36 p.m., 4 views

GHSA-73G8-5H73-26H4 @hpke/core reuses AEAD nonces

Summary: The public SenderContext Seal API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. Details: The SenderContext Seal implementation allows for concurrent...

CVSS 9.1, AI score 6.9, EPSS 0.00193
Exploits: 0, References: 5
Veracode
added 2025/11/20 7:44 a.m., 4 views

Race Condition

Argo CD is vulnerable to a race condition. The vulnerability is due to a flaw in the repository credentials handler that triggers a server panic during concurrent operations on the same repository URL, which allows an attacker to crash the Argo CD server...

CVSS 6.5, AI score 6.9, EPSS 0.00431
Exploits: 0, References: 6, Affected Software: 3
Tenable Nessus
added 2025/11/20 12:0 a.m., 5 views

TencentOS Server 3: kernel (TSSA-2024:1025)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1025 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 6.7, AI score 6.6, EPSS 0.00444
Exploits: 1, References: 2
RedHat Linux
added 2025/11/19 8:16 a.m., 5 views

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

CVSS 5.9, AI score 5.9, EPSS 0.00453
Exploits: 0, References: 6
Tenable Nessus
added 2025/11/18 12:0 a.m., 5 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53173)

NFSv4.0: When two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid in nfs4_opendata_free can result in a use-after-free of the pointer to the defunct rpc task of the other thread. This plugin only works with Tenable.ot...

CVSS 7.8, AI score 6.8, EPSS 0.00262
Exploits: 0, References: 4
Fedora
added 2025/11/14 1:9 a.m., 9 views

[SECURITY] Fedora 41 Update: docker-buildkit-0.25.2-1.fc41

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

CVSS 7.5, AI score 7, EPSS 0.00586
Exploits: 0
CNNVD
added 2025/11/14 12:0 a.m., 4 views

Positive MaxPatrol 8 and Positive XSpider Security Vulnerability

Positive MaxPatrol 8 and Positive XSpider are both products of the Russian company Positive. Positive MaxPatrol 8 is a vulnerability management platform. Positive XSpider is a network vulnerability scanner. A security vulnerability exists in Positive MaxPatrol 8 and Positive XSpider that stems from...

CVSS 8.7, AI score 6.6, EPSS 0.00402
Exploits: 0, References: 5
RedHat Linux
added 2025/11/13 7:1 p.m., 2 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7, AI score 6, EPSS 0.00331
Exploits: 0, References: 8
RedHat Linux
added 2025/11/13 6:53 p.m., 1 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7, AI score 6, EPSS 0.00331
Exploits: 0, References: 8
OSV
added 2025/11/13 10:46 a.m., 9 views

BIT-ARGO-CD-2025-55191 Repository Credentials Race Condition Crashes Argo CD Server

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0, 3.1.0 through 3.1.7, and 3.0.0 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent...

CVSS 6.5, AI score 7.3, EPSS 0.00431
Exploits: 0, References: 4
Veracode
added 2025/11/13 5:57 a.m., 4 views

Improper File Access

runc is vulnerable to improper file access. The vulnerability is due to insufficient validation of write targets in /proc during concurrent container execution with shared mounts, which allows an attacker to exploit race conditions and redirect writes to unintended procfs files...

CVSS 7.5, AI score 7.1, EPSS 0.00526
Exploits: 1, References: 22, Affected Software: 5
OSV
added 2025/11/13 3:23 a.m., 3 views

MAL-2025-186265 Malicious code in concurrently-configstore-lyra-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbdd3e3fbd31161db4d4c071bc50e19eb1af1064e748a5e2f0131d7ff033d0b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8
Exploits: 0
OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 5 views

Malicious code in deimos-concurrently-outercore-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ffa621761675fd2e3ec7b468f01d71eee4ac950beb2e51f7e89d5533a0a6b4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits: 0
RedhatCVE
added 2025/11/13 1:0 a.m., 6 views

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVSS 7.5, AI score 6.9, EPSS 0.00303
Exploits: 1, References: 1
Tenable Nessus
added 2025/11/13 12:0 a.m., 4 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2024-26645)

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 5.5, AI score 6.3, EPSS 0.00242
Exploits: 0, References: 6
Tenable Nessus
added 2025/11/13 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2024-26671)

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 4.7, AI score 6.3, EPSS 0.00186
Exploits: 0, References: 6