EUVD-2025-176505

Malicious code in scale-hot-tree-cache-execute npm...

MAL-2025-187687 Malicious code in key-tree-cron-serialize-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ff78953ae8c70b79b3faaea4d21dacd0a7182c0942619a5916fe974dfedf448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175846

Malicious code in uglify-zeta-tree-delta-runtime npm...

MAL-2025-186766 Malicious code in enum-new-encode-tree-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce3f7f2e99936ca73aba345579c67f7c9562105e8768b4e88a8d8ed143498917 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189993 Malicious code in tree-notify-fire-resolve-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58286446bdb6c6f5f5005a6bc809b0344a781e5d24164ab1e56e1fe30e434940 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178195

Malicious code in key-tree-cron-serialize-process npm...

EUVD-2025-179375

Malicious code in decompress-tree-protected-upsilon-mu npm...

EUVD-2025-178336

Malicious code in iota-simulate-optimize-tree-bundle npm...

EUVD-2025-175884

Malicious code in tree-awk-notify-beta-cloud npm...

MAL-2025-189995 Malicious code in tree-psi-air-moon-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83074f704eb4e4519a481ac7f001147d60931915820fa8b068b512c76f180ed4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Siemens SIMATIC S7-1500 Improper Handling of Exceptional Conditions (CVE-2019-19924)

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite error handling. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Malicious code in mutrasd-nutyui-mutriao (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3047c72872dc301833d5a0db7c752459402abb625392cbf4300c29aac728aea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-40113

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies for the "lite" firmware loaded by the boot firmware. When preparing ...

CVE-2025-40113

CVE-2025-40113 concerns the Linux kernel remoteproc/qcom PAS handling for the X1E ADSP, where the lite DTB firmware was left running after preparing to load new ADSP firmware. The issue stemmed from not shutting down the lite_dtb_pas_id for the DTB, leaving a memory region (&adsp_boot_dtb_mem) ac...

CVE-2025-40113 remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies for the "lite" firmware loaded by the boot firmware. When preparing ...

CVE-2025-40113

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies for the "lite" firmware loaded by the boot firmware. When preparing ...

kernel: mm: fix zswap writeback race condition

In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different page. The race...

kernel: mm: fix zswap writeback race condition

In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different page. The race...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990897 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth...

Linux Distros Unpatched Vulnerability : CVE-2025-40113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies...