EUVD-2025-179118

Malicious code in enum-compress-proxy-thread-user npm...

EUVD-2025-175550

Malicious code in wind-quick-char-yaml-thread npm...

EUVD-2025-179711

Malicious code in cloud-analyze-spy-thread-object npm...

EUVD-2025-178511

Malicious code in hot-thread-cold-fast-epsilon npm...

EUVD-2025-179682

Malicious code in cold-mock-daemon-hash-thread npm...

EUVD-2025-178656

Malicious code in grep-cron-thread-grep-short npm...

EUVD-2025-176691

Malicious code in report-thread-benchmark-good-fork npm...

EUVD-2025-176949

Malicious code in proxy-interface-visualize-thread-psi npm...

EUVD-2025-176941

Malicious code in public-bundle-class-iota-thread npm...

EUVD-2025-177777

Malicious code in module-void-fast-thread-double npm...

EUVD-2025-175955

Malicious code in thread-link-code-stack-old npm...

EUVD-2025-175956

Malicious code in thread-daemon-try-omega-mock npm...

EUVD-2025-176139

Malicious code in sun-thread-monitor-void-sun npm...

Siemens SIMATIC S7-1500 Double Free (CVE-2023-27537)

A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data between separate handles. This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks...

Siemens SIMATIC and SCALANCE Multiple Releases of Same Resource or Handle (CVE-2025-0665)

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Updated perl packages fix security vulnerabilities

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes. CVE-2024-56406 Perl threads have a working directory race condition where file operations may target...

CVE-2025-31940

Incorrect default permissions for some IntelR Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

UBUNTU-CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

PT-2025-46645

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw where accesses to dst-dev were not protected using Read-Copy-Update RCU. This issue was addressed by utilizing RCU in functions such as sk setup caps, s...

PT-2025-46698

Name of the Vulnerable Software and Affected Versions airpig2011 IEC104 versions prior to Commit be6d841 2019-07-08 Description A flaw exists in airpig2011 IEC104 where concurrent enqueueing of elements by multiple threads via the IEC10X PrioEnQueue function can lead to a null or freed queue...