209 matches found
CVE-2025-40231 vsock: fix lock inversion in vsock_assign_transport()
In the Linux kernel, the following vulnerability has been resolved: vsock: fix lock inversion in vsockassigntransport Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by commit 687aa0c5581b "vsoc...
CVE-2025-40231 vsock: fix lock inversion in vsock_assign_transport()
In the Linux kernel, the following vulnerability has been resolved: vsock: fix lock inversion in vsockassigntransport Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by commit 687aa0c5581b "vsoc...
CVE-2025-61945
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weathe...
drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV
...
CVE-2025-61945
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weathe...
CVE-2025-61945
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weathe...
CVE-2025-61945 Missing Authentication for Critical Function in Radiometrics VizAir
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weathe...
CVE-2025-61945
Radiometrics VizAir is affected by a missing authentication for critical functions vulnerability: an unauthenticated remote attacker can access the admin panel and modify key weather parameters (wind shear alerts, inversion depth, CAPE) and potentially disable alerts or alter runway settings. Mul...
CVE-2025-61945 Missing Authentication for Critical Function in Radiometrics VizAir
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weathe...
PT-2025-45017
Name of the Vulnerable Software and Affected Versions Radiometrics VizAir affected versions not specified Description Radiometrics VizAir is susceptible to unauthorized access to the admin panel, allowing remote attackers to modify critical weather parameters. These parameters include wind shear...
Model Inversion Attacks Meet Cryptographic Fuzzy Extractors
Model inversion attacks pose an open challenge to privacy-sensitive applications that use machine learning ML models. For example, face authentication systems use modern ML models to compute embedding vectors from face images of the enrolled users and store them. If leaked, inversion attacks can...
Siemens SIMATIC Devices Improper Locking (CVE-2024-35895)
"In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...
Linux Distros Unpatched Vulnerability : CVE-2023-53731
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e netlin...
DEBIAN-CVE-2023-53731
In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disable IRQs for netlinklocktable" in netlinklocktable This patch...
PT-2025-43132
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6-syzkaller-00240-g4e9f0ec38852 Description The Linux kernel contained a potential deadlock issue within the netlink set err function. The syzbot fuzzer identified a possible lock inversion dependency,...
PT-2025-49058
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to a lock inversion deadlock between vsock register mutex and sk lock-AF VSOCK when the vsock linger function is called. This issue stemmed from ...
EUVD-2025-31846
A weakness has been identified in itsourcecode Student Transcript Processing System 1.0. Affected is an unknown function of the file /login.php. Executing manipulation of the argument uname can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made availabl...
EUVD-2015-6521
Malware in sbrugna...
EUVD-2025-11826
Malicious code in bioql PyPI...
EUVD-2022-48057
Malicious code in bioql PyPI...