CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-59508

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

Malicious code in capella-concurrently-odin-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e725700b52d2456b454b11f61182cf74dec91a57f7e2a4bb09487941480646e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123443

Malicious code in prettier-plugin-markdown-concurrently-helmet-carina npm...

MAL-2025-149894 Malicious code in zephyr-resolvers-cli-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c010e7aa179a021023ded32a1531ca34e4cd286c20d4e8b50aca8afa148a3ced This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143309 Malicious code in hermes-concurrently-hermes-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e0fc504fe20b5d7a624bf4f16d4f30312aae20867a0ab2bca5a06e6e80bd777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-63929

The CVE-2025-63929 vulnerability affects airpig2011 IEC104 prior to Commit be6d841 (2019-07-08). A null pointer dereference can occur when multiple threads concurrently enqueue elements via IEC10X_PrioEnQueue, potentially dereferencing a null or freed queue pointer and causing a segmentation faul...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nvmet-fc not properly handling multiple asynchronous commands, which could lead to a resource leak...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

IEC104 安全漏洞

IEC104 is an international standard of the International Electrotechnical Commission IEC standards organization widely used in the electric power, urban rail transit, and other industries. A security vulnerability exists in IEC104 Commit be6d841 and prior versions, which stems from the possibilit...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

EUVD-2025-93410

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows DirectX allows an authorized attacker to deny service over a network...

kernel: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add

A race condition was found in the SMC networking subsystem. Iterating over the link group list in smcrportadd without holding the lock can cause crashes when concurrent add/remove operations modify the list...

PT-2025-46511

Name of the Vulnerable Software and Affected Versions Microsoft Wireless Provisioning System affected versions not specified Description A race condition exists due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate...

PT-2025-46531

Name of the Vulnerable Software and Affected Versions Grafana Snowflake Datasource Plugin versions 1.5.0 through 1.14.0 Description The Grafana Snowflake Datasource Plugin contains a flaw where, with Oauth passthrough enabled, concurrent use by multiple users on a single Grafana instance can lead...

PT-2025-46457

Name of the Vulnerable Software and Affected Versions Windows Speech affected versions not specified Description A race condition exists due to concurrent execution using a shared resource with improper synchronization in Windows Speech. This allows an authorized attacker to elevate privileges...