net: atm: add lec_mutex

...

atm: Revert atm_account_tx() if copy_from_iter_full() fails.

...

atm: clip: prevent NULL deref in clip_push()

...

VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify

...

Linux Distros Unpatched Vulnerability : CVE-2023-52456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx...

Linux Distros Unpatched Vulnerability : CVE-2024-44981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the followin...

Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF006

Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 24.0.0-IF006 addresses the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Request...

SUSE CVE-2025-53513

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...

Measuring the Carbon Footprint of Cryptographic Privacy-Enhancing Technologies

Privacy-enhancing technologies PETs have attracted significant attention in response to privacy regulations, driving the development of applications that prioritize user data protection. At the same time, the information and communication technology ICT sector faces growing pressure to reduce its...

EDK2 SMM MCE Enablement Issue

Summary A researcher reported a bug in the open source EDK2 system management interrupt SMI entry code when an MCE occurs near the start of the SMI handler. An attacker who can inject a machine check exception MCE could cause execution to jump to an attacker-controlled interrupt handler, leading ...

IMU: Influence-Guided Machine Unlearning

Recent studies have shown that deep learning models are vulnerable to attacks and tend to memorize training data points, raising significant concerns about privacy leakage. This motivates the development of machine unlearning MU, i.e., a paradigm that enables models to selectively forget specific...

Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks

The increase of IoT devices, driven by advancements in hardware technologies, has led to widespread deployment in large-scale networks that process massive amounts of data daily. However, the reliance on Edge Computing to manage these devices has introduced significant security vulnerabilities, a...

Apple ID scam leads to $27,000 in-person theft of Ohio man

You've probably heard about people scamming from halfway around the world, but sometimes they turn up at your door. That's what happened in May, when 67 year-old Robert Wise of Ohio received a text telling him that his Apple ID had been compromised. It had been used at an Apple store for a $213...

Exploit for CVE-2025-46018

CVE-2025-46018 – CSC Pay Mobile App Payment Authentication Byp...

GHSA-R54C-2XMF-2CF3 MS SWIFT Deserialization RCE Vulnerability

This appears to be a security vulnerability report describing a remote code execution RCE exploit in the ms-swift framework through malicious pickle deserialization in adapter model files. The vulnerability allows arbitrary command execution when loading specially crafted adapter models from...

CVE-2025-54430

dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issuecomme...

Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

An update for the virt:rhel and virt-devel:rhel module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

Malicious code in real-socket-rt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 897bfab5a2a7a305ab43ec0ffd356a56000463ad0f0c9c77731d1aa197aca121 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2025-31382 · Dedupe · Dedupe

Name of the Vulnerable Software and Affected Versions: dedupe versions prior to commit 3f61e79 Description: dedupe is a Python library used for fuzzy matching, deduplication, and entity resolution on structured data. A critical severity issue exists in the .github/workflows/benchmark-bot.yml...