CVE-2025-71117

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

CVE-2025-71117 block: Remove queue freezing from several sysfs store callbacks

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in the vm module with the timeout option. An attacker can access secrets like tokens or passwords to leak or cause data corruption by exploiting a race condition in buffer allocation logic that allows zero-fill toggle to...

CVE-2025-68793

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

CVE-2025-68775

CVE-2025-68775 concerns the Linux kernel, specifically the net/handshake cancellation path. The flaw arises when a handshake request is cancelled twice: the first cancellation removes the request from handshake_net->hn_requests but leaves it in handshake_rhashtbl; a second cancellation can cau...

CVE-2022-0488

An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It was possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes...

CVE-2023-29046

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...

CVE-2024-34419

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nathan Vonnahme Configure Login Timeout allows Stored XSS.This issue affects Configure Login Timeout: from n/a through 1.0...

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...

CVE-2022-31093

NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid callbackUrl query parameter, which internally is converted to a URL object. The URL instantiation would fail due ...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

Malicious code in timeout-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1df00c4c63fa8e52f67bf4d40b5dadae1ddcb640d127546671ce2bf53b5eafa7 The package timeout-ts was found to contain malicious code. Source: ghsa-malware 16cf2a5883796e1a03bb6cc6da0182692fa5962abe42950ba3d95709ca928a71 Any...

MAL-2026-158 Malicious code in timeout-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1df00c4c63fa8e52f67bf4d40b5dadae1ddcb640d127546671ce2bf53b5eafa7 The package timeout-ts was found to contain malicious code. Source: ghsa-malware 16cf2a5883796e1a03bb6cc6da0182692fa5962abe42950ba3d95709ca928a71 Any...

Malicious Package

Overview timeout-ts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

EUVD-2026-1625

Malicious code in timeout-ts npm...

CVE-2025-4677 Idle session timeout is not configured for multiple open ports

Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

CVE-2025-4677 Idle session timeout is not configured for multiple open ports

Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

CVE-1999-0770

Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems...

PT-2026-27756

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's netfilter module, specifically within the xt CT component. The issue involves the handling of connection tracking templates and enqueued packets. When...

CVE-2023-54166

In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...