PT-2025-44555

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1 Description The software is susceptible to cross-site scripting XSS through the Graph Explorer component. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execu...

PT-2025-44554

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.11.3 Description The software is susceptible to cross-site scripting XSS through the Graph Explorer component. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execu...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.11.3, which stems from a Graph Explorer...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

BIT-GITLAB-2025-11447 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL requests with crafted JSON payloads...

Attention Augmented GNN RNN-Attention Models for Advanced Cybersecurity Intrusion Detection

In this paper, we propose a novel hybrid deep learning architecture that synergistically combines Graph Neural Networks GNNs, Recurrent Neural Networks RNNs, and multi-head attention mechanisms to significantly enhance cybersecurity intrusion detection capabilities. By leveraging the comprehensiv...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

Vulnerabilities fixed in GitLab Enterprise and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE versions. The vulnerabilities include the ability for unauthenticated attackers to cause denial-of-service conditions by sending specially crafted payloads and GraphQL requests. In addition, authenticated...

CVE-2025-11447

CVE-2025-11447 affects GitLab CE/EE with DoS risk from unauthenticated GraphQL requests carrying crafted JSON payloads. Affected versions include 11.0–18.3.5, 18.4 prior to 18.4.3, and 18.5 prior to 18.5.1. Remediation has been issued; updates to GitLab 18.5.1 (and later) address the issue. Explo...

CVE-2025-11447 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL requests with crafted JSON payloads...

CVE-2025-11447 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL requests with crafted JSON payloads...

Evaluation of Vision-LLMs in Surveillance Video

The widespread use of cameras in our society has created an overwhelming amount of video data, far exceeding the capacity for human monitoring. This presents a critical challenge for public safety and security, as the timely detection of anomalous or criminal events is crucial for effective...

Linux Distros Unpatched Vulnerability : CVE-2025-11708

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in MediaTrackGraphImpl::GetInstance. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

langchainlanggraph-checkpoint-sqlite SQL注入漏洞

langchainlanggraph-checkpoint-sqlite is an open source database connectivity Python library from LangChain. An SQL injection vulnerability exists in langchainlanggraph-checkpoint-sqlite version 2.0.10, which stems from improper handling of the filter operator and could lead to an SQL injection...

Oracle Critical Patch Update, October 2025 Security Update Review

Oracle released its third quarterly edition of this year’s Critical Patch Update. The update received patches for 374 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families,...

SUSE CVE-2022-50572

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpuep in graphforeachlink The ofgetnextchild returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, ofnodeput needs be...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

DEBIAN-CVE-2022-50574

In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dssinitports and dssuninitports, we should call ofnodeput for the reference returned by ofgraphgetportbyid in fail path or when it is not used anymore...

CVE-2022-50572

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpuep in graphforeachlink The ofgetnextchild returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, ofnodeput needs be...

DEBIAN-CVE-2022-50572

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpuep in graphforeachlink The ofgetnextchild returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, ofnodeput needs be...