CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

CVE-2025-40281

In the Linux kernel, CVE-2025-40281 affects SCTP in net/sctp/transport.c, where a shift-out-of-bounds could occur in sctp_transport_update_rto if rto_alpha_max/rto_beta_max were very large. The fix adds a run-time test to prevent regressions and includes READ_ONCE() annotations since sysctl value...

PT-2025-49382

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the sctp transport update rto function that may lead to a shift-out-of-bounds condition. This issue was identified by syzbot, which reported a potenti...

MAL-2025-48847 Malicious code in internal-runtime-test (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in internal-runtime-test (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in circuit-runtime-test (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-48812 Malicious code in circuit-runtime-test (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in sanitize-runtime-test-dog-user (npm)

The package sanitize-runtime-test-dog-user was found to contain malicious code...

CVE-2025-2919

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...

PT-2022-2952 · Intel · Intel Trace Hub

Name of the Vulnerable Software and Affected Versions: IntelR Trace Hub affected versions not specified Description: The issue is related to insufficient access control in the IntelR Trace Hub driver, which may allow an attacker to escalate privileges. For some IntelR Trace Hub instances, it is...

ALPINE-CVE-2021-0146

Hardware allows activation of test or debug logic at runtime for some IntelR processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

Mandriva Update for glibc MDKA-2007:012 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDKA-2007:012 glibc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for glibc MDKA-2007:012 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDKA-2007:012 glibc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...