CVE-2025-40188 pwm: berlin: Fix wrong register in suspend/resume

In the Linux kernel, the following vulnerability has been resolved: pwm: berlin: Fix wrong register in suspend/resume The 'enable' register should be BERLINPWMEN rather than BERLINPWMENABLE, otherwise, the driver accesses wrong address, there will be cpu exception then kernel panic during...

sudo-rs -- Authenticating user not recorded properly in timestamp

Trifecta Tech Foundation reports: With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs prior to 0.2.10 incorrectly recorded the invoking user’s UID instead of the authenticated-as...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not truncating the first page in the wrong path, which could lead to a kernel bug...

Malicious code in wrong_penguin_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17d59a9cb8cc8ff3bd34144e4bb9f74fd13879ee74f8924bff5944ce5c1c153e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-3717 Incorrect oauth passthrough in Grafana Snowflake Datasource

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

EUVD-2025-74075

Malicious code in wrongmastodonindigo-91 npm...

EUVD-2025-61725

Malicious code in wrongharrierz3n npm...

EUVD-2025-50996

Malicious code in wrong-black-haddock npm...

EUVD-2025-50995

Malicious code in wrong-gray-sturgeon npm...

EUVD-2025-50992

Malicious code in wrong-olive-fowl npm...

EUVD-2025-50991

Malicious code in wrong-tomato-capybara npm...

EUVD-2025-50994

Malicious code in wrong-jade-mule npm...

EUVD-2025-50993

Malicious code in wrong-lime-tick npm...

EUVD-2025-56439

Malicious code in wronghalibutz3n npm...

CVE-2025-41116

Grafana is an open-source platform for monitoring and observability. The Grafana-Databricks-Datasource is a plugin allowing Grafana to visualize data from Databricks Enterprise Versions between 1.6.0 and 1.12.0 are vulnerable to a bug when Oauth passthrough is enabled, and multiple users are usin...

kernel: mm: fix zswap writeback race condition

In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different page. The race...

Enhancing Deep Learning-Based Rotational-XOR Attacks on Lightweight Block Ciphers Simon32/64 and Simeck32/64

At CRYPTO 2019, Gohr pioneered neural cryptanalysis by introducing differential-based neural distinguishers to attack Speck32/64, establishing a novel paradigm combining deep learning with differential cryptanalysis.Since then, constructing neural distinguishers has become a significant approach ...

BIT-WILDFLY-2022-0866

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

PT-2025-45451

Name of the Vulnerable Software and Affected Versions Pig-mesh In Pig versions 3.8.2 and below Description The token query interface '/api/admin/sys-token/page' within the Token Management function of the System Management module suffers from insufficient permission verification. Any authenticate...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989278 advisory. In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb...