3664 matches found
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...
Agent Capability Negotiation and Binding Protocol (ACNBP)
As multi-agent systems evolve to encompass increasingly diverse and specialized agents, the challenge of enabling effective collaboration between heterogeneous agents has become paramount, with traditional agent communication protocols often assuming homogeneous environments or predefined...
CVE-2025-38067
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero. The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...
SUSE CVE-2022-50117
In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops. vfio core checks whether the driver sets some migration op (e.g. set_state/get_state) and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...
SUSE CVE-2025-38067
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero. The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...
CVE-2025-50182 urllib3 does not control redirects in browsers and Node.js
urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means...
Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities
Summary: IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2024-51744. DESCRIPTION: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where use...
The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the kvm_arch_vcpu_ioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...
CVE-2025-38046
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-38067
CVE-2025-38067 : In the Linux kernel, the rseq registration path could segfault if the user-space rseq_cs field is non-zero. The field is supposed to be set to 0 before registration, but this wasn’t enforced, allowing a faulty rseq_cs value to cause a segfault when returning to user-space. The fi...
CVE-2025-38046
...
CVE-2025-38046
This CVE entry is rejected/not used as stated; it does not represent an active vulnerability.
CVE-2025-38033
In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88. Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...
PT-2025-25821 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The issue arises from compatibility problems between Linux and XenServer on Windows machines, where a platform device with ID 2 is used instead of the expected ID 1. This discrepancy...
Fedora 43 : rust-cursive / rust-cursive0.20 / rust-cursive_core / etc (2025-8b79fa8396)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8b79fa8396 advisory. - Update the cursive crate to version 0.21.1 and add a compat package for version 0.20. - Update the cursive_core crate to version 0.4.6 and add a compat...
SUSE-SU-2025:01879-1 Security update for nodejs22
This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. - CVE-2025-23165: memory leak and unbounded memory growth due to...
[SECURITY] Fedora 42 Update: qt6-qt5compat-6.9.1-1.fc42
Qt6 - Qt 5 Compatibility Libraries...
WordPress plugin Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL injection vulnerability
WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light is a plugin for WordPress that makes it easy to change prices for WooCommerce and WP e-commerce products. WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light is vulnerable to SQL injection. The...
Bridging the Gap between Hardware Fuzzing and Industrial Verification
As hardware design complexity increases, hardware fuzzing emerges as a promising tool for automating the verification process. However, a significant gap still exists before it can be applied in industry. This paper aims to summarize the current progress of hardware fuzzing from an industry-use...