CVE-2025-27073

Transient DOS while creating NDP instance...

CVE-2025-27073 Reachable Assertion in WLAN Firmware

Transient DOS while creating NDP instance...

CVE-2025-27073

Technical details about CVE-2025-27073 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins.

CVE-2025-27073 Reachable Assertion in WLAN Firmware

Transient DOS while creating NDP instance...

PT-2025-32138

Name of the Vulnerable Software and Affected Versions: NDP affected versions not specified Description: The software experiences a transient Denial of Service DoS condition during the creation of a new NDP instance. Recommendations: At the moment, there is no information about a newer version tha...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from the creation of an NDP instance that could result in a transient denial of service...

CVE-2025-38360 drm/amd/display: Add more checks for DSC / HUBP ONO guarantees

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees WHY For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing the logic to the tile t...

ALSA-2025:11324 Important: cloud-init security update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: Cloud init permissions flaw CVE-2024-6174 For more...

RHEL 9 : cloud-init (RHSA-2025:10879)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10879 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...

CVE-2025-3648

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

SUSE CVE-2025-25207

The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...

UBUNTU-CVE-2025-46733

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

CVE-2025-6491

creationtimestamp| type| source ---|---|--- 2025-07-03 14:27:45+00:00| seen| https://bsky.app/profile/remirepo.net/post/3lt2wr5vznc2z 2025-07-03 14:28:49+00:00| seen| https://bsky.app/profile/remirepo.net/post/3lt2wt3iuzk2z 2025-07-04 11:06:29+00:00| seen|...

CVE-2025-38150

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

DEBIAN-CVE-2025-52576

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

GHSA-H5GC-RM8J-5GPR LangChain Community SSRF vulnerability exists in RequestsToolkit component

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

PYSEC-2025-70

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

CVE-2025-30680

A Server-side Request Forgery SSRF vulnerability in Trend Micro Apex Central SaaS could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that...

CVE-2025-30680

A Server-side Request Forgery SSRF vulnerability in Trend Micro Apex Central SaaS could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that...

CVE-2025-30680

A Server-side Request Forgery SSRF vulnerability in Trend Micro Apex Central SaaS could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that...