libsoup security update

2.62.3-9 - Add patches to improve test reliability - Backport patches for various CVEs Resolves: RHEL-85879 Resolves: RHEL-92280 Resolves: RHEL-93031 Resolves: RHEL-93032...

CVE-2023-44113

Vulnerability of missing permission verification for APIs in the Designed for Reliability DFR module. Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-21739

A ZTE's product of the transport network access layer has a security vulnerability. Because the system does not sufficiently verify the data reliability, attackers could replace an authenticated optical module on the equipment with an unauthenticated one, bypassing system authentication and...

Integrating Communication, Sensing, and Security: Progress and Prospects of PLS in ISAC Systems

The sixth generation of wireless networks defined several key performance indicators KPIs for assessing its networks, mainly in terms of reliability, coverage, and sensing. In this regard, remarkable attention has been paid recently to the integrated sensing and communication ISAC paradigm as an...

DEBIAN-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

Secure Cluster-Based Hierarchical Federated Learning in Vehicular Networks

Hierarchical Federated Learning HFL has recently emerged as a promising solution for intelligent decision-making in vehicular networks, helping to address challenges such as limited communication resources, high vehicle mobility, and data heterogeneity. However, HFL remains vulnerable to...

From Ahead-of- to Just-in-Time and Back Again: Static Analysis for Unix Shell Programs

Shell programming is as prevalent as ever. It is also quite complex, due to the structure of shell programs, their use of opaque software components, and their complex interactions with the broader environment. As a result, even when exercising an abundance of care, shell developers discover...

April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2

April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 IMPORTANT This update was originally released in the Security and Quality Rollup that’s dated April 22, 2025. This update is included in the Security and Quality Rollup that’s dated July 8,...

Securing Fintech Operations Through Smarter Controls and Automation

With the rise of fintechs, accuracy alone isn’t enough, security and reliability are just as necessary. For fintech…...

April 16, 2025—KB5059087 (OS Build 26100.3781) Out-of-band

April 16, 2025—KB5059087 OS Build 26100.3781 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2025, see its update history page. Follow @WindowsUpdate to find out when new content...

R-TPT: Improving Adversarial Robustness of Vision-Language Models through Test-Time Prompt Tuning

Vision-language models VLMs, such as CLIP, have gained significant popularity as foundation models, with numerous fine-tuning methods developed to enhance performance on downstream tasks. However, due to their inherent vulnerability and the common practice of selecting from a limited set of...

April 8, 2025-KB5055170 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

April 8, 2025-KB5055170 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: April 8, 2025 Version: .NET Framework 4.8 The April 8, 2025 update for Windows 10, version 1607 and Windows Server 2016 includes security and cumulative reliability...

CVE-2025-21991

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

UBUNTU-CVE-2025-21991

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2025-21991 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2024-10273 Improper Privilege Management in lunary-ai/lunary

In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to...

[SECURITY] Fedora 40 Update: trafficserver-9.2.9-1.fc40

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

Use Genuine Wordfence and Stay Secure, Stay Supported, and Avoid Malware, Vulnerabilities and Backdoors

Genuine Wordfence is only available on Wordfence.com or from the WordPress Plugin Repository. Given our popularity and excellent reputation, there are unfortunately quite a few nulled or counterfeit versions of Wordfence, and plugins that modify Wordfence in the wild. Some of these counterfeit...

Linux Distros Unpatched Vulnerability : CVE-2020-25665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can...

Azure File Sync Agent v20 Release – February 2025

Azure File Sync Agent v20 Release – February 2025 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v20 release that is dated February 2025. Additionally, this article contains installation instructions for this release. Improvements and issues that ar...