MAL-2025-186265 Malicious code in concurrently-configstore-lyra-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbdd3e3fbd31161db4d4c071bc50e19eb1af1064e748a5e2f0131d7ff033d0b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2024-26671)

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2024-26645)

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-59508

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

EUVD-2025-123443

Malicious code in prettier-plugin-markdown-concurrently-helmet-carina npm...

Malicious code in capella-concurrently-odin-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e725700b52d2456b454b11f61182cf74dec91a57f7e2a4bb09487941480646e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143309 Malicious code in hermes-concurrently-hermes-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e0fc504fe20b5d7a624bf4f16d4f30312aae20867a0ab2bca5a06e6e80bd777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149894 Malicious code in zephyr-resolvers-cli-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c010e7aa179a021023ded32a1531ca34e4cd286c20d4e8b50aca8afa148a3ced This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-63929

The CVE-2025-63929 vulnerability affects airpig2011 IEC104 prior to Commit be6d841 (2019-07-08). A null pointer dereference can occur when multiple threads concurrently enqueue elements via IEC10X_PrioEnQueue, potentially dereferencing a null or freed queue pointer and causing a segmentation faul...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nvmet-fc not properly handling multiple asynchronous commands, which could lead to a resource leak...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

IEC104 安全漏洞

IEC104 is an international standard of the International Electrotechnical Commission IEC standards organization widely used in the electric power, urban rail transit, and other industries. A security vulnerability exists in IEC104 Commit be6d841 and prior versions, which stems from the possibilit...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

EUVD-2025-93410

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows DirectX allows an authorized attacker to deny service over a network...