EUVD-2025-124475

Malicious code in nightmare-run-script-cosmiconfig-non-blocking npm...

MAL-2025-143804 Malicious code in janus-cors-non-blocking-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab10dd4a20efdee524a8a1e195d284589d12d19dfdb7436f4055a944dc3aa658 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-ora-non-blocking-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72234f1311d1f62cd8d227441dd0e05d6145857f9cf50b8d867c692c33ba1a3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124303

Malicious code in non-blocking-phoenix-figures-algol npm...

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30286)

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited or Unthrottled Resource Allocation vulnerability, which can be exploited by an attacker to prevent other systems,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PM runtime enablement that causes tasks to block, potentially leading to a system hang...

CVE-2025-53409

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

CVE-2025-53413

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

tty: n_gsm: Don't block input queue by waiting MSC

...

CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

[SECURITY] Fedora 43 Update: squid-7.2-1.fc43

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

Linux Distros Unpatched Vulnerability : CVE-2025-40071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls...

[SECURITY] Fedora 42 Update: squid-6.14-1.fc42

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

cybersec-ids

cybersec-ids Full-stack AI-driven Web App Intrusion Detection...

Mediawiki GlobalBlocking Extension 安全漏洞

Mediawiki GlobalBlocking Extension is an extension of the Wikimedia Foundation USA. A security vulnerability exists in Mediawiki GlobalBlocking Extension versions 1.43 and 1.44, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

When Face Recognition Doesn’t Know Your Face Is a Face

An estimated 100 million people live with facial differences. As face recognition tech becomes widespread, some say they’re getting blocked from accessing essential systems and services...

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don't need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credentia...

Linux Distros Unpatched Vulnerability : CVE-2022-50430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark curren...

Linux Distros Unpatched Vulnerability : CVE-2025-59147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 7.0.11 and below, ...

EUVD-2015-6719

Malware in sbrugna...