EUVD-2025-179922

Malicious code in byte-runtime-easy-promise-transpile npm...

EUVD-2025-176693

Malicious code in report-new-runtime-sun-user npm...

MAL-2025-188312 Malicious code in node-mu-private-new-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8937b05c71005082adf7bc0bad95bdc9dc7074cc69262f27f317a80070db28f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-180010

Malicious code in book-earth-runtime-delta-chi npm...

EUVD-2025-176576

Malicious code in runtime-stack-awk-visualize-monitor npm...

EUVD-2025-176577

Malicious code in runtime-short-fork-yaml-pipe npm...

EUVD-2025-150366

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

AFLGopher: Accelerating Directed Fuzzing Via Feasibility-Aware Guidance

Directed fuzzing is a useful testing technique that aims to efficiently reach target code sites in a program. The core of directed fuzzing is the guiding mechanism that directs the fuzzing to the specified target. A general guiding mechanism adopted in existing directed fuzzers is to calculate th...

Siemens SIMATIC S7-1500 Improper Validation of Specified Type of Input (CVE-2024-35809)

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2025-40208

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

DEBIAN-CVE-2025-40208

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

UBUNTU-CVE-2025-40208

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

CVE-2025-40208

CVE-2025-40208 is tied to the Linux kernel Iris media driver (qcom-iris). The public descriptions show a fix for module removal when firmware download/load fails (Direct firmware load for qcom/vpu/vpu33_p4.mbn failed with error -2; downstream init/core deinit messages; unbind path). Affected stac...

CVE-2025-40208

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

Malicious code in tanufahuir-sofai-duguat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce3f2baa8cd971a9bdde119735f5c3077e6c0ff6c83253d70b4279f4680e0740 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124963

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...

CVE-2025-40120

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...

UBUNTU-CVE-2025-40120

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...

CVE-2025-40120

Technical details about CVE-2025-40120 are not publicly disclosed in the provided connected documents. The SUSE/OpenVAS entries reference the CVE but do not supply affected products, versions, root cause, or fixes. Monitor for official advisories for specifics.