EUVD-2025-6037

Malicious code in bioql PyPI...

rhel-lightspeed: Improper Access Control in Lightspeed History Management Allows Local Privilege Manipulation

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

rhel-lightspeed: Improper Access Control in Lightspeed History Management Allows Local Privilege Manipulation

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

CVE-2025-5962

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

CVE-2025-5962 Rhel-lightspeed: improper access control in lightspeed history management allows local privilege manipulation

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

CVE-2025-5962 Rhel-lightspeed: improper access control in lightspeed history management allows local privilege manipulation

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

CVE-2025-5962

CVE-2025-5962 affects Lightspeed history service. A local, unprivileged user can abuse inter-process communication with the history service to view, delete, or inject history entries, potentially manipulating another user’s chat history and enabling privilege misuse or unauthorized command execut...

PT-2025-38699

Name of the Vulnerable Software and Affected Versions Lightspeed affected versions not specified Description A flaw exists in the Lightspeed history service due to insufficient access controls. A local, unprivileged user can access and manipulate the chat history of another user on the same syste...

CVE-2025-34189

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local inter-process communication IPC mechanism. The software stores IPC request and response files inside...

CVE-2025-34189

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local inter-process communication IPC mechanism. The software stores IPC request and response files inside...

CVE-2025-34189 Vasion Print (formerly PrinterLogic) Insecure Inter-Process Communication Allows Local Session Hijacking

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local inter-process communication IPC mechanism. The software stores IPC request and response files inside...

Vasion Print Virtual Appliance Host和Vasion Print Application 安全漏洞

Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is a print management software.Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...

PT-2025-38606

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 Vasion Print formerly PrinterLogic Application versions prior to 20.0.1330 Description The software stores inter-process communication IPC request and response...

Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages

Summary We identified a cross-site scripting XSS vulnerability when handling chat message in lobe-chat that can be escalated to remote code execution on the user’s machine. Any party capable of injecting content into chat messages, such as hosting a malicious page for prompt injection, operating ...

Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...

SUSE-SU-2025:03210-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002333 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address...

Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055110 fixes several issues. The following security issues were fixed: CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue...

SUSE-SU-2025:03182-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024167 fixes several issues. The following security issues were fixed: - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenque...

CVE-2025-58768

DeepChat is a smart assistant uses artificial intelligence. Prior to version 0.3.5, in the Mermaid chart rendering component, there is a risky operation of directly using innerHTML to set user content. Therefore, any malicious content rendered via Mermaid will directly trigger the exploit chain,...