95 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pdscore: removed the “write-after-free” issue related to clientid. A use-after-free error was encountered during stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write at pdscauxbusdevdel+0xef/0x160 pdscore. M...
DEBIAN-CVE-2025-37916
In the Linux kernel, the following vulnerability has been resolved: pdscore: remove write-after-free of clientid A use-after-free error popped up in stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write in pdscauxbusdevdel+0xef/0x160 pdscore Mon Apr 21 21:21:33 2025...
PT-2025-22178
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free error was discovered in the Linux kernel, specifically in the pds core module. This issue arose during stress testing and is related to the pdsc auxbus dev del function...
GraphAttack: Exploiting Representational Blindspots in LLM Safety Mechanisms
Large Language Models LLMs have been equipped with safety mechanisms to prevent harmful outputs, but these guardrails can often be bypassed through "jailbreak" prompts. This paper introduces a novel graph-based approach to systematically generate jailbreak prompts through semantic transformations...
The vulnerability of the SIEM systems’ load testing tools, Kraken Stress Testing Toolkit, arises due to deficiencies in the authentication process, allowing unauthorized users to gain access to protected information.
The vulnerability of the SIEM systems’ stress testing tools, such as Kraken Stress Testing Toolkit, stems from deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the SIEM systems’ load testing tool, Kraken Stress Testing Toolkit, arises from the improper use of X-Content-Type-Options headers. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to the improper use of X-Content-Type-Options headers for protection mechanisms. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and...
The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the reading beyond the buffer in memory, allowing a malicious actor to trigger a service failure.
The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
PT-2025-15257 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с некорректным ограничением визуализированных слоев пользовательского интерфейса. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, нарушить целостность защищаемой информаци...
PT-2025-15263 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании...
PT-2025-15262 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании...
PT-2025-15258 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с некорректным использованием механизмов защиты Content Security Policy CSP. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность, целостность и доступность...
PT-2025-15261 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с неверным ограничением имени пути к каталогу. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации...
PT-2025-15259 · General · Kraken Stress Testing Toolkit
Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit вызвана недостатками процедуры авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации...
DEBIAN-CVE-2023-52932
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...
CVE-2023-52932 mm/swapfile: add cond_resched() in get_swap_pages()
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...
CVE-2025-25568
SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN software, but is instead in a separate tool that has no untrusted input and runs under the user's o...
Linux Distros Unpatched Vulnerability : CVE-2024-42071
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need...
SUSE CVE-2022-49090
In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopology to call updatesiblingsmasks to transfer the toplogy to the various cpu masks. This needs to be done before the call to...
DEBIAN-CVE-2022-49536
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...
CVE-2022-49536
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...