AttackMate: Realistic Emulation and Automation of Cyber Attack Scenarios across the Kill Chain

Adversary emulation tools facilitate scripting and automated execution of cyber attack chains, thereby reducing costs and manual expert effort required for security testing, cyber exercises, and intrusion detection research. However, due to the fact that existing tools typically rely on agents...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001254 advisory. The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003601)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003601 advisory. An issue was discovered in rdstcpkillsock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net...

CVE-2025-71079

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfcunregisterdevice and rfkillfopwrite A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to lock ordering inversion between devicelock and rfkillglobalmutex. The problematic lo...

SUSE CVE-2025-68812

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

SUSE CVE-2025-71075

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

The Promptware Kill Chain: How Prompt Injections Gradually Evolved into a Multi-Step Malware

Whitepaper called The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into A Multi-Step Malware...

CVE-2025-71075

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

AZL-74400 CVE-2025-71075 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

CVE-2025-71075 scsi: aic94xx: fix use-after-free in device removal path

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

CVE-2025-71075

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free

A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...

PT-2026-2596

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s aic94xx SCSI driver where the asd pci remove function does not properly synchronize with pending tasklets before freeing the asd ha structure. This ca...

FoolishScan

Foolish Scan v2.3 Gold Master Context-Aware CTF & Lab Re...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993007)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993007 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregiste...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992352 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregiste...

CVE-2018-25146

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service...

CVE-2018-25146

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service...