7481 matches found
CVE-2025-24302
Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20025
Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2025-20025
CVE-2025-20025 concerns the TinyCBOR library maintained by Intel. Affected are TinyCBOR builds before version 0.6.1, where uncontrolled recursion may allow an authenticated local user to cause a denial of service. Documented impact includes potential resource exhaustion and system crash; CVSS met...
app.cash.lilbitcoinj:lilbitcoinj-core (>=0.0.2 <=0.0.3), app.cash.lninvoice:ln-invoice (>=0.0.1 <=0.0.6) +1309 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.77)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =1.0.0.RELEASE, =1.0.0, =1.0.0.RELEASE, =2.7.0 and more Source cves: CVE-2025-8885 Source advisory: OSV:GHSA-67MF-3CR5-8W23...
com.github.lansheng228:aws-crypto (=1.0.3), com.github.yadickson:autocert (>=2.0.0 <=2.0.2) +35 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-ext-jdk15to18 (>=1.64 <=1.76)
org.bouncycastle:bcprov-ext-jdk15to18 MAVEN version =1.64, =2.0.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.1, =12.31.0, =v9.6.6, =v9.6.6, =v9.6.6, =v9.6.6, =v9.6.6, =v9.6.6, =v9.6.7 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777848...
app.cash.lilbitcoinj:lilbitcoinj-core (>=0.0.2 <=0.0.3), app.cash.lninvoice:ln-invoice (>=0.0.1 <=0.0.6) +1309 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.77)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =1.0.0.RELEASE, =1.0.0, =1.0.0.RELEASE, =2.7.0 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777845...
3lc (>=2.19.0 <=2.21.3), litestar-htmx (>=0.1.0 <=0.3.0) +2 more potentially affected by unknown CVE via litestar (>=2.0.0b2 <=2.15.2)
litestar PYPI version =2.0.0b2, =2.19.0, =0.1.0, =0.2.0, =0.3.14, =0.3.35 Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITESTAR-11776954...
Civil Servants As Builders: Enabling Non-IT Staff to Develop Secure Python and R Tools
Current digital government literature focuses on professional in-house IT teams, specialized digital service teams, vendor-developed systems, or proprietary low-code/no-code tools. Almost no scholarship addresses a growing middle ground: technically skilled civil servants outside formal IT roles...
TraceLens: Question-Driven Debugging for Taint Flow Understanding
Taint analysis is a security analysis technique used to track the flow of potentially dangerous data through an application and its dependent libraries. Investigating why certain unexpected flows appear and why expected flows are missing is an important sensemaking process during end-user taint...
Linux Distros Unpatched Vulnerability : CVE-2025-32801
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points...
Linux Distros Unpatched Vulnerability : CVE-2021-25216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as...
Important Photon OS Security Update - PHSA-2025-4.0-0846
Updates of 'icu' packages of Photon OS have been released...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2025:13240 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
ALSA-2025:12980 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
Malicious code in e-voting-libraries-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b61daa9fe3e3708d3d8fb85252df936d46de90bf87b463f270618bf8769aba02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6412 Malicious code in e-voting-libraries-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b61daa9fe3e3708d3d8fb85252df936d46de90bf87b463f270618bf8769aba02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RHSA-2025:12282 Red Hat Security Advisory: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
Bulletin has no description...