RUSTSEC-2025-0023 Broadcast channel calls clone in parallel, but does not require `Sync`

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

UBUNTU-CVE-2025-21938

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcppmnlappendnewlocaladdr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcppmnlappendnewlocaladdr because...

AZL-59350 CVE-2025-30211 affecting package erlang for versions less than 25.3.2.20-1

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names 64 characters provided in K...

UBUNTU-CVE-2025-30211

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names 64 characters provided in K...

编号撤回

Dask is a parallel computing library with task scheduling from the Dask open source. This CVE number has been withdrawn...

The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs allows a hacker to trigger a service failure.

The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs involves reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs allows a hacker to trigger a service failure.

The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs involves reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

UBUNTU-CVE-2025-21802

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each aedev node from hnae3aedevlist. If user unloads hns3 driver at the time, because it removes all the aedev node...

DEBIAN-CVE-2024-57982

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrmstatehashgeneration seqlock ensures a retry, but the hash functions can observe a hmask value that is too large for the new hlist...

AZL-58017 CVE-2024-57982 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrmstatehashgeneration seqlock ensures a retry, but the hash functions can observe a hmask value that is too large for the new hlist...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to properly handle the aedev node when uninstalling drivers in parallel, which could lead to a...

USN-7303-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

DEBIAN-CVE-2022-49398

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe if using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when traversi...

addftool (>=0.2.7 <=0.3.1), autonet-cumulus (>=0.2.0 <=0.2.1) +19 more potentially affected by unknown CVE via parallel-ssh (>=2.12.0 <=2.9.0)

parallel-ssh PYPI version =2.12.0, =0.2.7, =0.2.0, =0.8.1.post1, =0.8.1.post1, =0.8.1.post1, =0.8.3.dev180, =0.11.0, =0.4.2, =2.1.1b1, =0.13.0a1, =0.14.1, =0.5.2, =0.1.0, =0.2.0, =1.0.0, =1.0.14 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-PARALLELSSH-8688146...

Race Condition

Overview parallel-ssh is an Asynchronous parallel SSH library Affected versions of this package are vulnerable to Race Condition in the scpsend function, leading to incomplete file transfers without error notifications. Remediation Upgrade parallel-ssh to version 2.9.1 or higher. References -...

PT-2025-5665 · Git +1 · Opencv

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash has been reported with an UNKNOWN READ crash type. The crash state involves several functions, including cv::PngDecoder::compose frame,...

UBUNTU-CVE-2024-11218

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

Exploit for CVE-2024-40094

CVE-2024-40094 ENF ExecutableNormalizedFields Denial of Serv...

DEBIAN-CVE-2024-57659

An issue in the sqlgparalleltsseq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

UBUNTU-CVE-2024-57659

An issue in the sqlgparalleltsseq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...