CVE-2025-40163

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dlserver before CPU goes offline IBM CI tool reported kernel warning1 when running a CPU removal operation through drmgr2. i.e "drmgr -c cpu -r -q 1" WARNING: CPU: 0 PID: 0 at kernel/sched/cpudeadline.c:219...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990882)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990882 advisory. In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQDMOVEPCNT...

CVE-2025-40760

A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes fo...

CVE-2025-40760

Affected product: Altair Grid Engine before 2026.0.0. Root cause: error handling mishandling during user authentication leads to disclosure of password hashes of privileged accounts. Impact: local attacker could recover password hashes for offline brute-forcing. Evidence across connected sources ...

CVE-2025-40760

A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes fo...

CVE-2025-40760

A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes fo...

kernel: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio

In the Linux kernel, the following vulnerability has been resolved: hwpoison, memoryhotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 "hwpoison, memoryhotplug: allow hwpoisoned pages to be offlined add page poison checks in domigraterange in order to make offline hwpoisoned pa...

PT-2025-46539

Name of the Vulnerable Software and Affected Versions Altair Grid Engine versions prior to 2026.0.0 Description The software does not properly handle error messages, leading to the disclosure of sensitive password hash information during user authentication requests. This could allow a local...

PT-2025-47035

Name of the Vulnerable Software and Affected Versions Microsoft Edge affected versions not specified Description A security flaw exists in Edge Project files or Edge Offline Cache files. If an attacker gains read access to these files, they could reverse engineer user passwords—either app-native ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990619 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988970)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988970 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989782 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989491)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989491 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a...

CVE-2025-62618

ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...

CVE-2025-62618 ELOG file upload stored XSS

ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...

Stellar Toolkit for Outlook Review: Simplify and Optimize PST/OST File Management

Are you experiencing performance issues with your Outlook data PST and OST in the Outlook environment? Common problems…...

CVE-2020-36867

Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...

Malicious code in epic-offline-token-verifier-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d755e02a54f806e25e06d5d8ba4fd6ade573af32d55fbabf9180d2967448a446 The package epic-offline-token-verifier-node was found to contain malicious code...

EUVD-2025-37118

Malicious code in epic-offline-token-verifier-node npm...

MAL-2025-49175 Malicious code in epic-offline-token-verifier-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d755e02a54f806e25e06d5d8ba4fd6ade573af32d55fbabf9180d2967448a446 The package epic-offline-token-verifier-node was found to contain malicious code...