assimp: Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflow

A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed ASE file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...

[SECURITY] Fedora 42 Update: tcpreplay-4.5.2-1.fc42

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

RockyLinux 8 : libarchive (RLSA-2025:14135)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14135 advisory. libarchive: Double free at archivereadformatrarseekdata in archivereadsupportformatrar.c CVE-2025-5914 Tenable has extracted the preceding description block...

advisory-db

This is a security advisory database for Rust crates published through crates.io. The database is maintained by the RustSec project and contains information on security vulnerabilities in various Rust crates. The database is stored in TOML format and can be consumed by various tools for auditing...

vuls

This is an open-source vulnerability scanner for Linux and FreeBSD, written in Go. It is an agentless scanner, meaning it does not require any additional software to be installed on the target systems. The scanner is designed to be easy to use and provides a simple command-line interface. The...

media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()

...

CVE-2025-50096 affecting package mysql for versions less than 8.0.43-1

CVE-2025-50096 affecting package mysql for versions less than 8.0.43-1. An upgraded version of the package is available that resolves this issue...

OESA-2025-2191 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

OESA-2025-2190 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

quantumcore-audits

QuantumCore Security Labs - Smart Contract Audit Demo This re...

SUSE CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

CVE-2025-55241 Azure Entra ID Elevation of Privilege Vulnerability

...

From summer camp to grind season

Welcome to this week's edition of the Threat Source newsletter. This is the way the world ends This is the way the world ends This is the way the world ends Not with a bang but a whimper. - T.S. Eliot So this is how Summer Camp 2025 ends, not with a bang but a whimper. We've put the summer behind...

DEBIAN-CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

UBUNTU-CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

GHSA-9HP6-4448-45G2

creationtimestamp| type| source ---|---|--- 2025-09-04 15:35:19+00:00| seen| https://bsky.app/profile/azu.bsky.social/post/3lxzhvz4hvv2d...

CVE-2025-38707

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...

CVE-2025-2667

creationtimestamp| type| source ---|---|--- 2025-09-04 15:10:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxzgj2up342r...

Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution

...

New Malware Uses Windows Character Map for Cryptomining

Darktrace reports new malware hijacking Windows Character Map for cryptomining, exposing risks of hidden attacks in everyday software…...