23 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fixed the ACPI operand cache leak in dswstate.c ACPICA commit: 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I discovered a ACPI cache leak in cases where ACPI early termination occurs and the boot process continues. When earl...
RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks
Reasoning-capable large language models can be induced to spend their generation budget on injected decoy tasks rather than answering the user's question, causing denial of service when no final answer is produced and denial of wallet when excess output tokens are billed. Input-side safety...
kernel: ACPICA: fix acpi operand cache leak in dswstate.c
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...
CVE-2026-41674
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an early termination condition in golang.org/x/crypto [CVE-2025-47913]
Summary IBM Watson Speech Services Cartridge is vulnerable to an early termination condition in golang.org/x/crypto, due to an issue with SSH clients CVE-2025-47913. golang.org/x/crypto is used in our Speech Operators. This vulnerabilitiy has been addressed. Please read the details for remediatio...
parse-server has GraphQL complexity validator exponential fragment traversal DoS
Impact The GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects...
CLEANSTART-2026-RX06615 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CVE-2025-47913
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
EUVD-2025-177185
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
CVE-2025-47913
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
CVE-2025-47913
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
UBUNTU-CVE-2025-47913
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
EUVD-2004-2348
Malware in sbrugna...
EUVD-2025-20901
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination an...
Linux Distros Unpatched Vulnerability : CVE-2023-52887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in...
DEBIAN-CVE-2025-38345
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...
AZL-64922 CVE-2025-38345 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...
UBUNTU-CVE-2025-38345
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...
CVE-2025-38345 ACPICA: fix acpi operand cache leak in dswstate.c
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...