7481 matches found

Rockylinux
added 2025/05/07 7:11 p.m., 12 views

glibc bug fix update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The glibc packages provide the standard C libraries (libc), POSIX thread librarie...

7.4 AI score
Exploits: 0

vulnersOsv
added 2025/05/07 9:31 a.m., 6 views

be.yildiz-games:module-messaging-activemq (=1.0.15), com.chutneytesting:action-impl (>=2.2.1 <=3.0.0) +114 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-client (>=5.18.0 <=5.18.6)

org.apache.activemq:activemq-client MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =2.0.0, =0.4.4, =0.4.4, =0.28.0, =2.0.0, =3.0.0, =0.17.0, =0.19.12-2023-11-12, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =RC-1.0.0.RC4+2025-05-15 and more Source cves: CVE-2025-27533 Source advisory...

7.5 CVSS, 6.8 AI score, 0.08594 EPSS
Exploits: 2

OpenVAS
added 2025/05/07 12:00 a.m., 3 views

Ensure That the LD_LIBRARY_PATH Environment Variable Is Correctly Defined

LD_LIBRARY_PATH is an environmental variable in Linux. When loading a dynamic link library, the program preferentially obtains the library from the path specified by LD_LIBRARY_PATH. Generally, LD_LIBRARY_PATH should not be set, because a maliciously set value will make the program link to an incorrect...

6.9 AI score
Exploits: 0, References: 4

IBM Security Bulletins
added 2025/05/06 6:26 a.m., 21 views

Security Bulletin: Location Service for ESRI Component uses multiple vulnerable libraries and wildcard characters when defining RBAC permissions in Dockerfiles which are vulnerable to multiple CVEs

Summary: Location Service for ESRI Component uses jinja2-3.1.4-py3-none-any.whl, jinja2-3.1.5-py3-none-any.whl, cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl and wildcard characters when defining RBAC permissions in Dockerfiles which are vulnerable to CVE-2024-56326, CVE-2024-56201,...

8.8 CVSS, 7.6 AI score, 0.02357 EPSS
Exploits: 0, Affected Software: 1

Packet Storm News
added 2025/05/05 12:00 a.m., 2 views

Attestable Builds: Compiling Verifiable Binaries on Untrusted Systems Using Trusted Execution Environments

In this paper we present attestable builds, a new paradigm to provide strong source-to-binary correspondence in software artifacts. We tackle the challenge of opaque build pipelines that disconnect the trust between source code, which can be understood and audited, and the final binary artifact,...

7.5 AI score
Exploits: 0

IBM Security Bulletins
added 2025/05/03 5:52 a.m., 20 views

Security Bulletin: Multiple vulnerabilities affect IBM Business Automation Workflow - CVE-2025-27789, CVE-2024-57965, CVE-2025-27152, CVE-2024-55565

Summary: Some IBM Business Automation Workflow user interfaces may be affected by vulnerabilities in JavaScript libraries. Vulnerability Details: CVEID: CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and...

9.8 CVSS, 9.4 AI score, 0.00759 EPSS
Exploits: 1, Affected Software: 2

vulnersOsv
added 2025/05/01 3:31 p.m., 4 views

ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +2403 more potentially affected by CVE-2024-52979 via org.elasticsearch:elasticsearch (>=0.6.0 <=7.17.24)

org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =j11.2.6.0, =0.3.0, =1.0.1, =5.1.0, =5.6.5, =5.1.0, =5.3.0, =5.1.0, =5.1.0, =5.1.0, =6.10.5 and more Source cves: CVE-2024-52979 Source advisory: OSV:GHSA-MM3M-5497-XGGG...

7.5 CVSS, 5.5 AI score, 0.00522 EPSS
Exploits: 0

Cvelist
added 2025/04/29 1:13 p.m., 15 views

CVE-2025-4090 Leaked library paths in Thunderbird for Android

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

0.00264 EPSS
Exploits: 0, References: 3

RedHat Linux
added 2025/04/28 11:17 a.m., 30 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.2 CVSS, 6.9 AI score, 0.00349 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:26 a.m., 6 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

6.2 CVSS, 6.9 AI score, 0.00349 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:15 a.m., 9 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

6.2 CVSS, 6.9 AI score, 0.00349 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:07 a.m., 11 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

6.2 CVSS, 6.9 AI score, 0.00349 EPSS
Exploits: 0, References: 2

OSV
added 2025/04/28 12:00 a.m., 15 views

ALSA-2025:4244 Moderate: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

6.2 CVSS, 7.7 AI score, 0.00349 EPSS
Exploits: 0, References: 4

Packet Storm News
added 2025/04/23 12:00 a.m., 2 views

Implementing AI Bill of Materials (AI BOM) with SPDX 3.0: a Comprehensive Guide to Creating AI and Dataset Bill of Materials

A Software Bill of Materials (SBOM) is becoming an increasingly important tool in regulatory and technical spaces to introduce more transparency and security into a project's software supply chain. Artificial intelligence (AI) projects face unique challenges beyond the security of their software, and...

6.8 AI score
Exploits: 0

ATTACKERKB
added 2025/04/22 3:16 p.m., 3 views

CVE-2025-1950

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source...

9.3 CVSS, 5.9 AI score, 0.00188 EPSS
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2025/04/22 3:16 p.m., 3 views

CVE-2025-1950

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source...

7.8 CVSS, 5.9 AI score
Exploits: 0, References: 1

Fedora
added 2025/04/21 1:41 a.m., 10 views

[SECURITY] Fedora 40 Update: rust-icu_collections-1.5.0-3.fc40

Collection of API for use in ICU libraries...

7.3 AI score
Exploits: 0

Fedora
added 2025/04/20 4:23 a.m., 11 views

[SECURITY] Fedora 42 Update: rust-icu_collections-1.5.0-3.fc42

Collection of API for use in ICU libraries...

7.3 AI score
Exploits: 0

GithubExploit
added 2025/04/18 11:03 a.m., 396 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813-vulhub POC script for the vulhub environment of...

9.8 CVSS, 7.4 AI score, 0.99945 EPSS
Exploits: 46

Amazon
added 2025/04/16 12:00 a.m., 11 views

Medium: thunderbird

Issue Overview: There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds i...

9.8 CVSS, 7.4 AI score, 0.01817 EPSS
Exploits: 1