PT-2025-24411 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread version 5.1.0 Description: A critical vulnerability was found in the csys sendto function of the file rt-thread/components/lwp/lwp syscall.c. The manipulation of the argument to leads to null pointer dereference. This issue can caus...

nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js

A flaw was found in Node.js, specifically in the C++ method SignTraits::DeriveBits. This vulnerability can allow a remote attacker to crash the Node.js runtime via untrusted input, triggering an exception in a background thread...

nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js

A flaw was found in Node.js, specifically in the C++ method SignTraits::DeriveBits. This vulnerability can allow a remote attacker to crash the Node.js runtime via untrusted input, triggering an exception in a background thread...

PT-2025-37201

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to RDMA and the hfi1 driver. A divide-by-zero error could occur within the find hw thread mask function due to a division operation where the...

nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js

A flaw was found in Node.js, specifically in the C++ method SignTraits::DeriveBits. This vulnerability can allow a remote attacker to crash the Node.js runtime via untrusted input, triggering an exception in a background thread...

CVE-2025-48941

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden draft, unapproved, or soft-deleted threads containing specified text in the title. The visibility state...

CVE-2025-48941 MyBB may disclosure unviewable threads' titles in searches

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden draft, unapproved, or soft-deleted threads containing specified text in the title. The visibility state...

CVE-2025-48941

CVE-2025-48941 (MyBB) : Affected software: MyBB versions prior to 1.8.39. Issue: the internal search does not properly validate thread visibility, allowing a user with search access to infer the existence of hidden threads (draft, unapproved, or soft-deleted) by title. The visible flag (mybb_thre...

PT-2025-23536 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.39 Description: The search component in MyBB does not validate permissions correctly, allowing attackers to determine the existence of hidden threads, including draft, unapproved, or soft-deleted threads, by analyzi...

Exploit for Improper Protection of Alternate Path in Vbulletin

Description: RCE for Vbullettin versions between 5.0.0 - 5...

Adaptive and Efficient Dynamic Memory Management for Hardware Enclaves

The second version of Intel Software Guard Extensions Intel SGX, or SGX2, adds dynamic management of enclave memory and threads. The first version required the address space and thread counts to be fixed before execution. The Enclave Dynamic Memory Management EDMM feature of SGX2 has the potentia...

AZL-62067 CVE-2025-40909 affecting package perl for versions less than 5.34.1-491

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

AZL-62069 CVE-2025-40909 affecting package perl for versions less than 5.38.2-509

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

DEBIAN-CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

UBUNTU-CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

OESA-2025-1533 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

CVE-2024-25393

A stack buffer overflow occurs in net/at/src/atserver.c in RT-Thread through 5.0.2...

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...