CVE-2022-50398 drm/msm/dp: add atomic_check to bridge ops

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomiccheck to bridge ops DRM committails will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc-active is set before pushing a new frame downstream. There is a rare case that user...

CVE-2022-50398

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomiccheck to bridge ops DRM committails will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc-active is set before pushing a new frame downstream. There is a rare case that user...

Scaling API Security Without the Complexity: Lessons from Early Adopters

APIs are a blessing and a curse. They’re the backbone of the modern internet. They also expose complex behaviors that are often poorly documented, stitched together across legacy and cloud systems, and updated faster than security teams can review. Three key groups typically shoulder the burden o...

Age verification and parental controls coming to ChatGPT to protect teens

OpenAI is going to try and predict the ages of its users to protect them better, as stories of AI-induced harms in children mount. The company, which runs the popular ChatGPT AI, is working on what it calls a long-term system to determine whether users are over 18. If it can't verify that a user ...

Westermo Network Technologies WeOS 5

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative permissions to execute commands that would typically be inaccessible. This could allow the execution of commands with privileges beyond those normally granted to the attacker. 2. RECOMMENDED...

[SECURITY] Fedora 41 Update: lemonldap-ng-2.21.3-1.fc41

LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...

PT-2025-38464

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a refcount bug in the qrtr recvmsg function. This issue occurs in concurrent scenarios involving qrtr recvmsg and qrtr endpoint unregister, potentially leading ...

Threat Modeling for Enhancing Security of IoT Audio Classification Devices under a Secure Protocols Framework

The rapid proliferation of IoT nodes equipped with microphones and capable of performing on-device audio classification exposes highly sensitive data while operating under tight resource constraints. To protect against this, we present a defence-in-depth architecture comprising a security protoco...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a reset of immutable mount options in the f2fsremount function, which could lead to a general protectio...

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43203

The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...

CVE-2022-50363

In the Linux kernel, the following vulnerability has been resolved: skmsg: pass gfp argument to allocskmsg syzbot found that allocskmsg could be called from a non sleepable context. skpsockverdictrecv uses rcureadlock protection. We need the callers to pass a gfpt argument to avoid issues. syzbot...

CVE-2022-50367 fs: fix UAF/GPF bug in nilfs_mdt_destroy

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

CVE-2022-50356 net: sched: sfb: fix null pointer access issue when sfb_init() fails

In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...

From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience

Quantum computing and AI working together will bring incredible opportunities. Together, the technologies will help us extend innovation further and faster than ever before. But, imagine the flip side, waking up to news that hackers have used a quantum computer to crack your company's encryption...

PYSEC-2025-153

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be loaded via...

CVE-2025-10157

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be loaded via...

Dyad 代码注入漏洞

Dyad is an AI application builder open-sourced by Dyad. A code injection vulnerability exists in Dyad 0.19.0 and earlier versions, which stems from the Preview Window feature that can bypass Docker container protection and could lead to the execution of arbitrary code...

PT-2025-38177

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the nilfs mdt destroy function related to uninitialized inode private data. Specifically, if security inode alloc fails during inode allocation alloc...

Linux Distros Unpatched Vulnerability : CVE-2023-53319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no...