67 matches found
Astra Linux – Vulnerability in RustC
In the standard library of Rust before version 1.19.0, there is a synchronization issue with the MutexGuard object. MutexGuards can be used across threads of any type, which can lead to memory safety issues due to race conditions...
OP-TEE Trusted OS 资源管理错误漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.16.0 to 4.11.0 of OP-TEE Trusted OS, there was a resource management vulnerability. This vulnerability...
SUSE CVE-2026-31628
In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...
CVE-2026-31628 x86/CPU: Fix FPDSS on Zen1
In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...
Advisory ROSA-SA-2026-3234
software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-6 affected versions curl-8.7.1-6 CVE-ID: CVE-2025-14017 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In multi-threaded LDAPS transfers in libcurl, changing TLS options in one thread changed them globally and could affect other...
EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2026-1421)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...
EUVD-2021-1589
Malware in sbrugna...
EUVD-2021-1923
Malware in sbrugna...
EUVD-2023-24178
Malicious code in bioql PyPI...
Searching for Privacy Risks in LLM Agents Via Simulation
The widespread deployment of LLM-based agents is likely to introduce a critical privacy threat: malicious agents that proactively engage others in multi-turn interactions to extract sensitive information. These dynamic dialogues enable adaptive attack strategies that can cause severe privacy...
Linux Distros Unpatched Vulnerability : CVE-2023-1998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as b...
CVE-2020-35924
An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex allows cross-thread sending of a non-Send type...
CVE-2020-35927
An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex allows cross-thread data races of non-Send types...
CVE-2020-35925
An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type...
kernel: Spectre v2 SMT mitigations problem
It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes...
Unsound sending of non-Send types across threads
Affected versions can run the Drop impl of a non-Send type on a different thread than it was created on. The flaw occurs when a stderr write performed by the threadalone crate fails, for example because stderr is redirected to a location on a filesystem that is full, or because stderr is a pipe...
kernel: Spectre v2 SMT mitigations problem
It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6185-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6185-1 advisory. It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial ...
Red Hat libvirt 安全漏洞
Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. that supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in Red Hat libvirt that ste...
CBL Mariner 2.0 Security Update: kernel (CVE-2023-1998)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-1998 advisory. - The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL...