386 matches found
CVE-2025-11468
CVE-2025-11468 refers to a Python vulnerability where folding a long comment in an email header that contains exclusively unfoldable characters can cause the parenthesis to be lost, enabling header injection when the addresses are user-controlled. The issue is tied to Python’s email/header handli...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000755 advisory. The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by...
MiracleLinux 7 : pcs-0.9.143-15.el7 (AXSA:2015-718:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-718:02 advisory. pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and created pacemaker based clusters. Security issues fixed with...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: IMA: Do not clear the IMADIGSIG flag when setting or removing non-IMA xattr. Currently, when both IMA and EVM are in “fix” mode, the IMA signature will be reset to the IMA hash if a program first stores the IMA signature in...
Linux Distros Unpatched Vulnerability : CVE-2025-68764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock moun...
Security in the Era of Perceptive Networks: A Comprehensive Taxonomic Framework for Integrated Sensing and Communication Security
Integrated Sensing and Communication ISAC represents a significant shift in the 6G landscape, where wireless networks both sense the environment and communicate. While prior comprehensive surveys have established foundational elements of ISAC security, discussed perception-focused security models...
Comparative Evaluation of VAE, GAN, and SMOTE for Tor Detection in Encrypted Network Traffic
Encrypted network traffic poses significant challenges for intrusion detection due to the lack of payload visibility, limited labeled datasets, and high class imbalance between benign and malicious activities. Traditional data augmentation methods struggle to preserve the complex temporal and...
PT-2026-28095
Name of the Vulnerable Software and Affected Versions V8 versions 20.x through 25.x Description A flaw exists in V8's string hashing mechanism where integer-like strings are hashed to their numeric value, leading to predictable hash collisions. An attacker can exploit this by crafting requests th...
SUSE CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
AZL-78404 CVE-2025-68340 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
UBUNTU-CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340
CVE-2025-68340 (Linux kernel): A race/logic sequencing issue in the team device code can hang when adding a port device (e.g., gre0) configured as UP. Root cause: moving team_dev_type_check_change to after subsequent checks caused header_ops to switch from eth_header to ipgre_header mid-execution...
CVE-2025-68340 team: Move team device type change at the end of team_port_add
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340 team: Move team device type change at the end of team_port_add
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
Hacktivists claim near-total Spotify music scrape
Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...
SemCovert: Secure and Covert Video Transmission Via Deep Semantic-Level Hiding
Video semantic communication, praised for its transmission efficiency, still faces critical challenges related to privacy leakage. Traditional security techniques like steganography and encryption are challenging to apply since they are not inherently robust against semantic-level transformations...
CVE-2025-68183 ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
CVE-2025-68183
CVE-2025-68183 relates to the Linux kernel IMA logic. The issue occurs when both IMA and EVM are in fix mode: the IMA_DIGSIG flag can be cleared when a file’s security attributes are updated (e.g., setting/removing security.xattrs such as security.selinux or security.evm). This can cause a valida...