(Pwn2Own) Mozilla Firefox IonMonkey JIT Compiler Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the IonMonkey JIT...

Quantum Opacity, Classical Clarity: a Hybrid Approach to Quantum Circuit Obfuscation

Quantum computing leverages quantum mechanics to achieve computational advantages over classical hardware, but the use of third-party quantum compilers in the Noisy Intermediate-Scale Quantum NISQ era introduces risks of intellectual property IP exposure. We address this by proposing a novel...

AlmaLinux 9 : java-21-openjdk (ALSA-2025:3855)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3855 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698...

CVE-2024-47795

Uncontrolled search path for some IntelR oneAPI DPC++/C++ Compiler software before version 2025.0.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-47795

Uncontrolled search path for some IntelR oneAPI DPC++/C++ Compiler software before version 2025.0.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

MGASA-2025-0156 Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

kernel: s390: avoid using global register for current_stack_pointer

In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for currentstackpointer Commit 30de14b1884b "s390: currentstackpointer shouldn't be a function" made currentstackpointer a global register variable like on many other architectures. Unfortunately...

Intel oneAPI DPC++/C++ Compiler 代码问题漏洞

Intel oneAPI DPC++/C++ Compiler is a compiler from Intel Corporation USA. A code issue vulnerability exists in Intel oneAPI DPC++/C++ Compiler versions prior to 2025.0.0, which stems from an uncontrolled search path that could lead to local elevation of privilege...

PT-2025-21060 · Intel · Intel Oneapi Dpc++/C++ Compiler

Name of the Vulnerable Software and Affected Versions: IntelR oneAPI DPC++/C++ Compiler versions prior to 2025.0.0 Description: The issue concerns an uncontrolled search path in some IntelR oneAPI DPC++/C++ Compiler software. This may allow an authenticated user to potentially enable escalation o...

ALSA-2025:7508 Moderate: java-21-openjdk security update

The OpenJDK 21 runtime environment. Security Fixes: openjdk: Enhance Buffered Image handling Oracle CPU 2025-04 CVE-2025-30698 openjdk: Improve compiler transformations Oracle CPU 2025-04 CVE-2025-30691 openjdk: Better TLS connection support Oracle CPU 2025-04 CVE-2025-21587 For more details abou...

Orc: Arbitrary Code Execution

Background Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many...

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

autoconf bug fix and enhancement update

An update is available for autoconf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU's Autoconf is a tool for configuring source code and Makefiles. Using...

gcc bug fix update

An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ad...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

USN-7484-1 openjdk-24 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 24 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 24 incorrectly handled compiler transformations. An...

USN-7483-1 openjdk-21 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An...

USN-7482-1 openjdk-17 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 17 incorrectly handled compiler transformations. An...