PT-2026-43732

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

CVE-2025-35050

Newforma Info Exchange NIX accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. The vulnerable endpoint is used by Newforma Project Center Server NPCS, so a...

CVE-2025-35050

Summary: CVE-2025-35050 affects Newforma Info Exchange (NIX), where insecure deserialization of serialized .NET data via the /remoteweb/remote.rem endpoint allows a remote, unauthenticated attacker to execute arbitrary code with NT AUTHORITY\NetworkService privileges. The vulnerable endpoint is u...

Tricking LLM-Based NPCs into Spilling Secrets

Large Language Models LLMs are increasingly used to generate dynamic dialogue for game NPCs. However, their integration raises new security concerns. In this study, we examine whether adversarial prompt injection can cause LLM-based NPCs to reveal hidden background secrets that are meant to remai...

SUSE CVE-2025-21982

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xxgpiofw devmkasprintf calls can return null pointers on failure. But the return values were not checked in npcm8xxgpiofw. Add NULL check in npcm8xxgpiofw, to handle kernel NULL...

UBUNTU-CVE-2024-36030

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvunpcfreemem Clang static checkerscan-build warning： drivers/net/ethernet/marvell/octeontx2/af/rvunpc.c:line 2184, column 2 Attempt to free released memory. npcmcamrsrcsdeinit has released...

Design/Logic Flaw

An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...

CVE-2024-24402

An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...

Command Execution Vulnerabilities in the Budget Networking Supervision System of the National People's Congress of Beijing UFIDA Government Affairs Software Co.

Beijing UFIDA Government Software Co., Ltd. is a comprehensive business management information solution provider for government departments, institutions and non-profit organizations. A command execution vulnerability exists in the NPC Budget Networking Supervision System of Beijing UFIDA...

contests.npcnewsonline.com XSS vulnerability

Vulnerable URL: http://contests.npcnewsonline.com/images.php?image=219129=2013%20NPC%20Gov.%20Cup=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...