CVE-2025-69633

A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...

CVE-2025-69633

A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...

Top 10 actions to build agents securely with Microsoft Copilot Studio

Organizations are rapidly adopting Copilot Studio agents, but threat actors are equally fast at exploiting misconfigured AI workflows. Mis-sharing, unsafe orchestration, and weak authentication create new identity and data‑access paths that traditional controls don’t monitor. As AI agents become...

CVE-2026-25922 authentik has a Signature Verification Bypass via SAML Assertion Wrapping

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

CVE-2026-0229

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

CVE-2025-48503

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2025-61969

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2023-31323

Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2024-36319

Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...

CVE-2023-31313

An unintended proxy or intermediary in the AMD power management firmware PMFW could allow a privileged attacker to send malformed messages to the system management unit SMU potentially resulting in arbitrary code execution...

USN-8028-2: Linux kernel (Real-time) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There is a security vulnerability in AMD Processors, which stems from type confusion. This vulnerability may allow attackers to send malformed parameters to external global memory interconnection trusted...

AMD Graphics Driver 安全漏洞

AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. There is a security vulnerability in AMD Graphics Driver, which stems from improper input validation. This vulnerability may allow local attackers to access out-of-bound memory, resulting in a...

CVE-2026-26014 Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a...

CVE-2026-26014

Pion DTLS (Go) vulnerability CVE-2026-26014 affects versions v1.0.0–v3.1.0 due to improper nonce generation with AES-GCM ciphers, enabling nonce reuse in a session. This can let remote attackers obtain the authentication key and spoof data. Remedy: upgrade to v3.1.0 or later. The provided documen...

CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

CVE-2026-0229

CVE-2026-0229 is a DoS vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot the firewall by sending a maliciously crafted packet; repeated reboot attempts can drive the device into maintenance mode. Cloud ...

CVE-2026-0229

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.2 security update

Red Hat Advanced Cluster Management for Kubernetes 2.14 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.14 images Red Hat Advanced Cluster Management for Kubernetes provides...