
7235 matches found

AstraLinux
added 2026/01/13 2:1 p.m., 3 views

Astra Linux - vulnerability in linux-6.12

In the Linux kernel, the following vulnerability has been resolved: riscv: stacktrace: Disable KASAN checks for non-current tasks. Unwinding the stack of a task other than current, KASAN would report "BUG: KASAN: out-of-bounds in walk_stackframe+0x41c/0x460". There is a same issue on x86 and has bee...

AI score: 5.6, EPSS: 0.00029
Exploits: 0, References: 2
Positive Technologies
added 2026/01/13 12:0 a.m., 4 views

PT-2026-2768

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

CVSS: 8.6, AI score: 7.6, EPSS: 0.00096
Exploits: 0, References: 4
RedhatCVE
added 2026/01/09 9:29 a.m., 5 views

CVE-2023-50724

Resque (pronounced like "rescue") is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 is vulnerable to reflected XSS through the current_queue parameter in the path of the queues endpoin...

CVSS: 6.3, AI score: 6.3, EPSS: 0.01229
Exploits: 1, References: 1
OSV
added 2026/01/08 9:22 p.m., 3 views

GHSA-RJF8-2WCW-F6MP Salvo is vulnerable to reflected XSS in the list_html function

Summary: The function list_html generates a file view of a folder which includes a render of the current path, which is inserted in the HTML without proper sanitization, leading to reflected XSS. The request path is decoded and normalized in the matching stage but is not inserted raw in the HTML...

CVSS: 8.8, AI score: 5.6, EPSS: 0.00013
Exploits: 1, References: 4
Github Security Blog
added 2026/01/08 9:22 p.m., 6 views

Salvo is vulnerable to reflected XSS in the list_html function

Summary: The function list_html generates a file view of a folder which includes a render of the current path, which is inserted in the HTML without proper sanitization, leading to reflected XSS. The request path is decoded and normalized in the matching stage but is not inserted raw in the HTML...

CVSS: 8.8, AI score: 7.2, EPSS: 0.00013
Exploits: 1, References: 4, Affected Software: 1
Vulnrichment
added 2026/01/08 6:21 p.m., 3 views

CVE-2026-22256 Salvo is vulnerable to reflected XSS in the list_html function

Salvo is a Rust web backend framework. Prior to version 0.88.1, the function list_html generates a file view of a folder which includes a render of the current path, which is inserted in the HTML without proper sanitization; this leads to reflected XSS using the fact that request path is decoded...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00013
Exploits: 1, References: 2
Packet Storm News
added 2026/01/07 12:0 a.m., 4 views

Large Language Models for Detecting Cyberattacks on Smart Grid Protective Relays

This paper presents a large language model (LLM)-based framework for detecting cyberattacks on transformer current differential relays (TCDRs), which, if undetected, may trigger false tripping of critical transformers. The proposed approach adapts and fine-tunes compact LLMs such as DistilBERT to...

AI score: 6.9
Exploits: 0
OpenVAS
added 2026/01/07 12:0 a.m., 4 views

Slackware: Security Advisory (SSA:2026-006-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 4.5, AI score: 6.5, EPSS: 0.00005
Exploits: 0, References: 3
Tenable Nessus
added 2026/01/07 12:0 a.m., 5 views

Slackware Linux 15.0 / current curl Multiple Vulnerabilities (SSA:2026-007-01)

The version of curl installed on the remote host is prior to 8.17.0 / 8.18.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-007-01 advisory. New curl packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...

CVSS: 5.9, AI score: 6.7, EPSS: 0.00029
Exploits: 1, References: 4
Slackware Linux
added 2026/01/06 10:51 p.m., 6 views

[slackware-security] libsodium

New libsodium packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libsodium-1.0.18-i586-4slack15.0.txz: Rebuilt. This update fixes a security issue: Insufficient validation in...

CVSS: 4.5, AI score: 6.9, EPSS: 0.00005
Exploits: 0
CVE
added 2026/01/06 10:16 p.m., 9 views

CVE-2025-11235

Progress MOVEit Transfer on Windows REST API modules is affected by an unverified password change vulnerability. Affected versions include MOVEit Transfer 2022.0.0–2022.0.10, 2022.1.0–2022.1.11, 2023.0.0–2023.0.8, and 2023.1.0–2023.1.3. The issue is documented across multiple sources (including R...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00018
Exploits: 0, References: 1, Affected Software: 1
vulnersOsv
added 2026/01/02 3:26 p.m., 3 views

current-impact (=1.0.0), nmea-streamer (>=1.0.1 <=2.2.0) potentially affected by CVE-2025-69203 via signalk-server (=1.46.3)

signalk-server NPM version =1.46.3 is affected by a known vulnerability. The following packages have a transitive dependency on signalk-server and may be impacted:
- current-impact =1.0.0
- nmea-streamer >=1.0.1, <=2.2.0
Source CVEs: CVE-2025-69203
Source advisory: OSV:GHSA-VFRF-VCJ7-WVR8...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00021
Exploits: 1
vulnersOsv
added 2026/01/02 3:23 p.m., 4 views

current-impact (=1.0.0), nmea-streamer (>=1.0.1 <=2.2.0) potentially affected by CVE-2025-68619 via signalk-server (=1.46.3)

signalk-server NPM version =1.46.3 is affected by a known vulnerability. The following packages have a transitive dependency on signalk-server and may be impacted:
- current-impact =1.0.0
- nmea-streamer >=1.0.1, <=2.2.0
Source CVEs: CVE-2025-68619
Source advisory: OSV:GHSA-93JC-VQQC-VVVH...

CVSS: 8.6, AI score: 5.8, EPSS: 0.0005
Exploits: 1
vulnersOsv
added 2026/01/02 3:22 p.m., 4 views

current-impact (=1.0.0), nmea-streamer (>=1.0.1 <=2.2.0) potentially affected by CVE-2025-68273 via signalk-server (=1.46.3)

signalk-server NPM version =1.46.3 is affected by a known vulnerability. The following packages have a transitive dependency on signalk-server and may be impacted:
- current-impact =1.0.0
- nmea-streamer >=1.0.1, <=2.2.0
Source CVEs: CVE-2025-68273
Source advisory: OSV:GHSA-FPF5-W967-RR2M...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00015
Exploits: 1
vulnersOsv
added 2026/01/02 3:20 p.m., 2 views

current-impact (=1.0.0), nmea-streamer (>=1.0.1 <=2.2.0) potentially affected by CVE-2025-68272 via signalk-server (=1.46.3)

signalk-server NPM version =1.46.3 is affected by a known vulnerability. The following packages have a transitive dependency on signalk-server and may be impacted:
- current-impact =1.0.0
- nmea-streamer >=1.0.1, <=2.2.0
Source CVEs: CVE-2025-68272
Source advisory: OSV:GHSA-7RQC-FF8M-7J23...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00085
Exploits: 1
vulnersOsv
added 2026/01/02 3:11 p.m., 4 views

current-impact (=1.0.0), nmea-streamer (>=1.0.1 <=2.2.0) potentially affected by CVE-2025-66398 via signalk-server (=1.46.3)

signalk-server NPM version =1.46.3 is affected by a known vulnerability. The following packages have a transitive dependency on signalk-server and may be impacted:
- current-impact =1.0.0
- nmea-streamer >=1.0.1, <=2.2.0
Source CVEs: CVE-2025-66398
Source advisory: OSV:GHSA-W3X5-7C4C-66P9...

CVSS: 9.6, AI score: 6, EPSS: 0.00139
Exploits: 3
OpenVAS
added 2026/01/02 12:0 a.m., 1 views

Slackware: Security Advisory (SSA:2026-001-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 1.9, AI score: 6.8, EPSS: 0.00015
Exploits: 0, References: 4
Slackware Linux
added 2026/01/01 10:2 p.m., 9 views

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/seamonkey-2.53.23-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...

AI score: 7
Exploits: 0
Tenable Nessus
added 2026/01/01 12:0 a.m., 3 views

Slackware Linux 15.0 / current libpcap Multiple Vulnerabilities (SSA:2026-001-02)

The version of libpcap installed on the remote host is prior to 1.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-001-02 advisory. New libpcap packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...

CVSS: 1.9, AI score: 5.5, EPSS: 0.00015
Exploits: 0, References: 3
Positive Technologies
added 2026/01/01 12:0 a.m., 5 views

PT-2026-8215

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's Tegra210-quad SPI driver related to synchronization of the curr_xfer variable within the interrupt request (IRQ) handler. Specifically, a race condition...

CVSS: 4.7, AI score: 5.8, EPSS: 0.00014
Exploits: 0