CVE-2019-9965

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, related to ntdll!RtlReAllocateHeap...

CVE-2019-9962

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, related to VCRUNTIME140!memcpy...

CVE-2019-9963

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, related to ntdll!RtlFreeHeap...

CVE-2019-19277

A vulnerability has been identified in SIPORT MP All versions 3.1.4. Vulnerable versions of the device allow the creation of special accounts "service users" with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of...

Malicious code in mp-cross (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53921b386b6a8061c81837604fae74f8719325a726df27664fb9ea723d2bbda8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4010 Malicious code in mp-cross (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53921b386b6a8061c81837604fae74f8719325a726df27664fb9ea723d2bbda8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-45857

EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution RCE vulnerability via the command parameter in the mp function...

kernel: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...

Edimax CV7428NS 安全漏洞

Edimax CV7428NS is an enterprise-grade network video recorder from China Xunzhou Edimax. A security vulnerability exists in Edimax CV7428NS v1.20, which originates from remote code execution of command parameters in the mp function...

CVE-2025-45857

EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution RCE vulnerability via the command parameter in the mp function...

PT-2025-20922 · Edimax · Edimax Cv7428Ns

Name of the Vulnerable Software and Affected Versions: EDIMAX CV7428NS version 1.20 Description: A remote code execution issue was discovered, allowing exploitation via the command parameter in the mp function. Recommendations: For EDIMAX CV7428NS version 1.20, consider restricting access to the ...

CVE-2025-23141

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

DEBIAN-CVE-2025-23141

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

AZL-69662 CVE-2025-23141 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

CVE-2025-23141 KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from KVMGETMPSTATE not acquiring an SRCU lock, which could lead to access to unprotected memory...

CVE-2025-38152 remoteproc: core: Clear table_sz when rproc_shutdown

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear tablesz when rprocshutdown There is case as below could trigger kernel dump: Use U-Boot to start remote processorrproc with resource table published to a fixed address by rproc. After Kernel boots up, stop...

Allocation of Resources Without Limits or Throttling

Overview pocketmine/pocketmine-mp is a highly customisable, open source server software for Minecraft: Bedrock Edition written in PHP Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the explode function. An attacker can occupy excessive...

GHSA-G274-C6JJ-H78P PocketMine-MP allows malicious client data to waste server resources due to lack of limits for explode()

Impact Due to lack of limits by default in the explode function, malicious clients were able to abuse some packets to waste server CPU and memory. This is similar to a previous security issue published in https://github.com/pmmp/PocketMine-MP/security/advisories/GHSA-gj94-v4p9-w672, but with a...

Malicious code in @mp-food/restaurant-orders (npm)

--- -= Per source details. Do not edit below this line.=-...