TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. "Upon...

CVE-2025-7432 DPA countermeasures not reseeded under certain conditions

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract secret keys through a DPA attack...

CVE-2025-7432

CVE-2025-7432 concerns Silicon Labs’ Series 2 devices where DPA countermeasures are not reseeded under certain conditions. The vulnerability could enable an attacker to eventually extract secret keys via a differential power analysis (DPA) attack. The provided metrics indicate a low base score (C...

CVE-2025-7432

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract secret keys through a DPA attack...

CVE-2025-7432 DPA countermeasures not reseeded under certain conditions

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract secret keys through a DPA attack...

PT-2026-7119

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract secret keys through a DPA attack...

UBUNTU-CVE-2022-50002

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5LAGFLAGNDEVSREADY Only set MLX5LAGFLAGNDEVSREADY if both netdevices are registered. Doing so guarantees that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...

Silicon Simplicity SDK 安全漏洞

The Silicon Simplicity SDK is an embedded software development platform from Silicon, Inc. for building Internet of Things IoT products based on our Series 2 and upcoming Series 3 wireless and MCU devices. A security vulnerability exists in Silicon Simplicity SDK versions prior to 2024.12.0, whic...

PT-2024-20702 · Unknown · Series 2 Hse-Svh

Name of the Vulnerable Software and Affected Versions: Series 2 HSE-SVH devices versions prior to SE Firmware version 2.2.6 Description: The issue arises because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event occurs, potentially preventing the application from...

CVE-2024-27100

creationtimestamp| type| source ---|---|--- 2024-03-15 21:22:08+00:00| seen| https://t.me/ctinow/209155 2024-03-15 21:26:18+00:00| seen| https://t.me/ctinow/209168...

CVE-2024-22167

creationtimestamp| type| source ---|---|--- 2024-03-13 22:26:39+00:00| seen| https://t.me/ctinow/207222 2024-03-13 22:31:42+00:00| seen| https://t.me/ctinow/207240...

CVE-2024-0530

creationtimestamp| type| source ---|---|--- 2024-01-15 03:26:40+00:00| seen| https://t.me/ctinow/168125 2024-02-03 09:07:09+00:00| seen| https://t.me/ctinow/178441...

CVE-2024-0492

creationtimestamp| type| source ---|---|--- 2024-01-13 16:21:39+00:00| seen| https://t.me/ctinow/167869 2024-02-02 14:41:42+00:00| seen| https://t.me/ctinow/178094...

CVE-2024-0479

creationtimestamp| type| source ---|---|--- 2024-01-13 08:26:14+00:00| seen| https://t.me/ctinow/167740 2024-02-02 12:36:36+00:00| seen| https://t.me/ctinow/178051...

PT-2023-31409 · Interaxon · Muse App +1

Name of the Vulnerable Software and Affected Versions: InteraXon Muse 2 devices affected versions not specified Description: The issue allows remote attackers to cause a denial of service, resulting in an incorrect report of an outstanding, calm meditation state. This is achieved via a 480 MHz RF...

CVE-2023-39068

Buffer Overflow vulnerability in NBD80S09S-KLC v.YKHZXMNBD80S09S-KLCV4.03.R11.7601.Nat.OnvifC.20230414.bin and NBD80N32RA-KL-V3 v.YKHZXMNBD80N32RA-KLV4.03.R11.7601.Nat.OnvifC.20220120.bin allows a remote attacker to casue a denial of service via a crafted request to the service.XM component...

CVE-2023-1579

creationtimestamp| type| source ---|---|--- 2023-04-04 02:25:09+00:00| seen| https://t.me/cibsecurity/61365 2025-02-14 10:06:10+00:00| seen| Telegram/418qXQ-oeDz8bPSVZYe1hSJHguhWb0hZne-aJ-fMVvmDFNVR 2025-02-14 10:08:09+00:00| seen| Telegram/XunXts8gepyH6wYojBr4mTYDPx4qGJUgKLFqb7BUtX5u7qd...

ZEROF Expert pro SQL注入漏洞

ZEROF Expert pro is a mobile application for the ZEROF platform. For professional use by employees and agents of sellers involved in the inspection of insurance objects, collateralized assets, responsible for the display of goods at retail outlets. A SQL injection vulnerability exists in ZEROF...

kernel: race condition caused by a malicious USB device in the USB character device driver layer

A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation...

kernel: race condition caused by a malicious USB device in the USB character device driver layer

A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation...