CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

CVE-2024-58100

CVE-2024-58100 concerns the Linux kernel BPF verifier and how it handles the changes_pkt_data property for extension/global programs. The available details describe a commit that: adds a changes_pkt_data flag to struct bpf_prog_aux, sets this flag for the main sub-program in check_cfg() and for o...

CVE-2024-58100 bpf: check changes_pkt_data property for extension programs

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

CVE-2022-49862 tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header

In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in tipcnlcompatnametabledump" where it should have type casted sizeof.. to int to work whe...

Debian dla-4152 : libnode-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4152 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4152-1 [email protected] https://www.debian.org/lts/security/...

OpenFGA Authorization Bypass

Overview OpenFGA v1.8.10 or previous Helm chart = openfga-0.2.28, docker = v.1.8.10 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? If you are using OpenFGA v1.8.10 or previous, specifically under the following conditions, you are affect...

The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems. This enables attackers to increase their privileges.

The vulnerability of the compatibility subsystem for running Linux applications in Windows Subsystem for Linux WSL operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report

As transformer-based large language models LLMs increasingly permeate society, they have revolutionized domains such as software engineering, creative writing, and digital arts. However, their adoption in cybersecurity remains limited due to challenges like scarcity of specialized training data a...

AZL-69593 CVE-2025-22105 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2025-22033

CVE-2025-22033: Linux kernel arm64 fix for a NULL pointer dereference in alignment handling. The issue occurs when do_alignment_t32_to_handler() fixes only specific instructions and returns NULL for others (e.g., LDREX); callers would proceed with regular alignment fault handling (SIGBUS). Withou...

CVE-2025-22033

In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...

PCDiff: Proactive Control for Ownership Protection in Diffusion Models with Watermark Compatibility

With the growing demand for protecting the intellectual property IP of text-to-image diffusion models, we propose PCDiff -- a proactive access control framework that redefines model authorization by regulating generation quality. At its core, PCDIFF integrates a trainable fuser module and...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Validate.js Regular Expression Denial of Service (ReDoS) vulnerabilitiy(CVE-2020-26310)

Summary A potential Regular Expression Denial of Service ReDoSvulnerability CVE-2020-26310 has been identified related to Validate.js that affects IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...

Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser

Instagram Brute Force CPU/GPU Supported 2024 Use option 2 while running the script. Option 1 is on development Chrome should be downloaded in device. Compatible and Tested GUI Supported Operating Systems Only Python 3.13 x64 bit Unix / Linux / Mac / Windows 8.1 and higher Install Requirements pip...

Important: Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release

The 1.1.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.1 The RHTAS Operator can be used with OpenShift Container Platform 4.14, 4.15, 4.16, 4.17...

PT-2025-25808

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for this issue Description A vulnerability in the Linux kernel has been resolved. The issue occurs when calling core::fmt::write from Rust code while FineIBT is enabled, resultin...

Consistent Security Everywhere: Akamai Makes Leading WAF Technology CDN-Agnostic

...

DEBIAN-CVE-2025-22871

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

Update 25.6 for Microsoft Dynamics 365 Business Central 2024 Release Wave 2 (Application Build 25.6.32556, Platform Build 25.2.32308)

None None...