GHSA-HQ76-6GH2-5G4Q Constellation has insecure LUKS2 persistent storage partitions which may be opened and used

Summary A malicious host may provide a crafted LUKS2 volume to a confidential computing guest that is using the OpenCryptDevice feature. The guest will open the volume and write secret data using a volume key known to the attacker. The attacker can also pre-load data on the device, which could...

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence AI-powered assistant's memory and run arbitrary code. "This exploit can allow attackers to infect...

CVE-2025-34502

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-59459

An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...

CVE-2025-59459 Denial-of-service (DoS) via resource consumption

An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...

PT-2025-43923

Name of the Vulnerable Software and Affected Versions versions prior to 2025-10-27 Description An attacker obtaining SSH access to an unprivileged account may disrupt services, including SSH, leading to persistent unavailability. The issue involves a denial-of-service condition caused by resource...

CVE-2025-34503

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

CVE-2025-34502

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

PT-2025-43688

Name of the Vulnerable Software and Affected Versions Deck Mate 2 affected versions not specified Description The Deck Mate 2 device does not have a verified secure-boot chain or runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an...

Light & Wonder Deck Mate 安全漏洞

Light & Wonder Deck Mate is an automated licensing device from Light & Wonder, UK. A security vulnerability exists in Light & Wonder Deck Mate that stems from a lack of secure boot chain validation and runtime integrity validation, which could allow a physically accessible attacker to modify or...

PT-2025-43689

Name of the Vulnerable Software and Affected Versions Deck Mate 1 affected versions not specified Description Deck Mate 1 executes firmware directly from an external EEPROM without verifying its authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to execu...

CVE-2025-54808

Oxford Nanopore Technologies' MinKNOW software at or prior to version 24.11 stores authentication tokens in a file located in the system's temporary directory /tmp on the host machine. This directory is typically world-readable, allowing any local user or application to access the token. If the...

EUVD-2025-35687

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

CVE-2025-1679

CVE-2025-1679 and CVE-2025-1680 concern Moxa Ethernet switches. CVE-2025-1679 is a stored Cross-site Scripting (XSS) in the device web interface: an authenticated admin can inject scripts that affect authenticated users, with impact on the subsequent system’s confidentiality and integrity but not...

CVE-2025-1679

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

PT-2025-43452

Name of the Vulnerable Software and Affected Versions versions prior to 2025-22432 Description A persistent connection may occur due to improper input validation within the notifyTimeout function of the CallRedirectionProcessor.java component. This could potentially allow for local escalation of...

MAL-2025-48533 Malicious code in hash-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 797126e9eb0f67390ff12806c31b6cca28e65c31d1eb9b186dbb591b0db9c941 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48518 Malicious code in dist-decoder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d6276f9115715018347a416b17686c81064ab130b386dacfdbe52f80bf1a2d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...