Vulnerabilities Resolved in Veeam Backup & Replication 12.3.2

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3.2. Veeam Product Latest Version Download Page Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we...

The 48-Hour Exploit Window: Are You Ready?

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Forget everything you know about...

How to Monetize Unity Apps: Best Practices

Unity is one of the most popular game engines for mobile and cross-platform app development. It powers millions…...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-993)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-993 advisory. In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode CVE-2024-36967 In the Linux kernel, the following vulnerability has been...

[SECURITY] Fedora 42 Update: qt-creator-16.0.1-2.fc42

Qt Creator is a cross-platform IDE integrated development environment tailored to the needs of Qt developers...

[SECURITY] Fedora 42 Update: qt6-qtbase-6.9.1-1.fc42

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

[SECURITY] Fedora 42 Update: dtk6gui-6.0.27-6.fc42

Deepin Tool Kit DtkGui is the development graphical user interface of all C++/Qt Developer work on Deepin...

CVE-2025-2474 Vulnerability in PCX Image Codec Impacts QNX Software Development Platform

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...

CVE-2025-2474

CVE-2025-2474 describes an out-of-bounds write in the PCX image codec used by QNX SDP 7.0, 7.1, and 8.0. The vulnerability could allow an unauthenticated attacker to cause a denial-of-service or execute code in the context of the process using the image codec. Connected sources corroborate the af...

Malicious code in libxml2-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4180cf36e11e0565c87f4377f677fff16f320850f8f544b98c24eecd3cd96c7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Medium: cuda-nvml-devel-12-9

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...

Medium: libcufile-12-9

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...

OpenAI Bans ChatGPT Accounts Used by Russian, Iranian, and Chinese Hacker Groups

OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among...

GHSA-4V9V-HFQ4-RM2V webpack-dev-server users' source code may be stolen when they access a malicious web site

Summary Source code may be stolen when you access a malicious web site. Details Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject in their site and run the script. Note that the attacker has to know the port and the output entrypoi...

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

ALSA-2025:8514 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

Origin Validation Error

Overview org.webjars.npm:webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Origin Validation Error via theOrigin header, which allows IP address origins to conne...