The Star Product of Uniformly Random Codes

We consider the problem of determining the expected dimension of the star product of two uniformly random linear codes that are not necessarily of the same dimension. We achieve this by establishing a correspondence between the star product and the evaluation of bilinear forms, which we use to...

Siemens SCALANCE and RUGGEDCOM Devices Integer Overflow or Wraparound (CVE-2024-53145)

um: potential integer overflow during physmem setup. This vulnerability happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CLSA-2025-1763124505 xorg-x11-server-Xwayland: Fix of CVE-2023-6816

CVE-2023-6816: fix heap buffer overflow in logical button map allocation, allocate sufficient space for maximum button mappings up to 255...

SUSE CVE-2025-40205

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2024-42131)

In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGESIZE units fit into 32-bit so that various multiplications fit into 64-bits. If limits end up bein...

DEBIAN-CVE-2025-40205

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...

EUVD-2025-124913

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990748)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990748 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interfac...

Malicious code in maximum_caterpillar_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12f72d7f136a465fb392efe6f341bbdcfed57bede3ba839347f40d337bea7d58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-90123

Malicious code in maximummongoosez3n npm...

kernel: usbnet: ipheth: fix possible overflow in DPE length check

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...

EUVD-2025-76322

Malicious code in maximumroadrunner-biggestdev npm...

EUVD-2025-69069

Malicious code in maximumcrocodilez3n npm...

MAL-2025-105675 Malicious code in maximum_kingfisher_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 546e0078c8c82c8c2c48c551d7952b23abfb0ccf771bb37c719f9d29ce9e95ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-69068

Malicious code in maximumkingfisherz3n npm...

EUVD-2025-63135

Malicious code in maximumroadrunnerz3n npm...

Malicious code in maximum_whitefish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a5d56e4a7140bf6eb991fa449b242a6247bc15a2d44626bf5ae7b9d79437811 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-88324 Malicious code in maximum_whitefish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a5d56e4a7140bf6eb991fa449b242a6247bc15a2d44626bf5ae7b9d79437811 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...