13 matches found
GHSA-XH5J-XJFQ-QVVX stigmem-node's federation peer token timestamp validation may reject valid peer tokens
Impact: A mismatch in federation peer-token timestamp handling could cause valid peer tokens to be treated as expired. Impacted deployments are Stigmem nodes using federation peer authentication paths from affected versions. The primary impact is availability and reliability of authenticated...
PT-2026-22626
Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...
CVE-2025-68236 scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3)
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3). According to UFS specifications, the power-off sequence for a UFS device includes: - Sending an SSU command with PowerCondition=3 and await a response. - Asserting...
CVE-2025-68236
CVE-2025-68236 affects the Linux kernel’s SCSI UFS stack, specifically the ufs-qcom driver. The issue arises during the UFS power-down sequence: after SSU Power_Condition=3, hardware reset (HWRST) can wake the device firmware, causing a transient surge in ICCQ current. If the regulator is still e...
GiBy: a Giant-Step Baby-Step Classifier for Anomaly Detection in Industrial Control Systems
The continuous monitoring of the interactions between cyber-physical components of any industrial control system (ICS) is required to secure automation of the system controls, and to guarantee plant processes are fail-safe and remain in an acceptably safe state. Safety is achieved by managing...
kernel: usb: dwc3: Wait unconditionally after issuing EndXfer command
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command. Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...
DEBIAN-CVE-2024-36977
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command. Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...
PT-2024-23126
Name of the Vulnerable Software and Affected Versions: DIRAC versions prior to 8.0.41. Description: DIRAC is a software framework for distributed computing. During the proxy generation process, such as when using dirac-proxy-init, unauthorized users on the same machine can gain read access to the...
GHSA-M489-XR35-FJXR Regular Expression Denial of Service in millisecond
Versions of millisecond prior to 0.1.2 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. Proof of concept: var ms = require('millisecond'); var genstr = function (len, chr) { var result = ""; for (i=0; i<=len; i++) { result = result + chr;...
access-control (=0.0.7), destiny-api (=1.0.0) +11 more potentially affected by unknown CVE via millisecond (>=0.0.1 <=0.1.1)
millisecond NPM version =0.0.1, =0.11.0, =0.0.0, =0.0.1, =0.4.0, =0.0.1, =1.0.0, =1.0.4, =0.0.9, =0.0.1, =0.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-M489-XR35-FJXR...
Regular Expression Denial of Service in millisecond
Versions of millisecond prior to 0.1.2 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. Proof of concept: var ms = require('millisecond'); var genstr = function (len, chr) { var result = ""; for (i=0; i<=len; i++) { result = result + chr;...
Regular Expression Denial of Service
Overview: Versions of millisecond prior to 0.1.2 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. Proof of concept: var ms = require('millisecond'); var genstr = function (len, chr) { var result = ""; for (i=0; i<=len; i++) { result = result ...
Pcap Replay Utility
Replay a pcap capture file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pcap Replay Utility', 'Description' = %q Replay a pcap capture file , 'Author' = 'amaloteaux', 'License' = MSFLICENSE...