EulerOS 2.0 SP10 : glib2 (EulerOS-SA-2025-1514)

According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to signals from a...

Another Move in the Deepfake Creation/Detection Arms Race

Deepfakes are now mimicking heartbeats In a nutshell Recent research reveals that high-quality deepfakes unintentionally retain the heartbeat patterns from their source videos, undermining traditional detection methods that relied on detecting subtle skin color changes linked to heartbeats. The...

CVE-2025-37784

In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. Currently when disabling pps and perout signals during icssiepexit, results in NULL...

CVE-2025-37784

CVE-2025-37784 affects the Linux kernel ICSS IEP driver (net: ti: icss-iep). The vulnerability was caused by a NULL pointer dereference when disabling PPS/PEROUT during icss_iep_exit(), due to lingering perout state referenced by icss_iep_perout_enable_hw. The fix updates icss_iep_perout_enable_h...

CVE-2025-37747

CVE-2025-37747 (Linux kernel) – perf hang on freeing sigtrap event Affects: Linux kernel perf subsystem, specifically perf_event_overflow and related task_work handling. When a deferred signal is not sent before a file is closed, freeing a sigtrap event can hang due to the interaction between per...

编号撤回

goTenna Mesh is a portable mesh networking device from goTenna that builds decentralized communication networks through intelligent routing algorithms and supports offline transmission of text/location/emergency signals from smartphones. This CVE number has been withdrawn...

DICOM Compatible, 3D Multimodality Image Encryption Using Hyperchaotic Signal

Medical image encryption plays an important role in protecting sensitive health information from cyberattacks and unauthorized access. In this paper, we introduce a secure and robust encryption scheme that is multi-modality compatible and works with MRI, CT, X-Ray and Ultrasound images for...

Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals

Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners...

PT-2025-18465

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference issue has been identified in the ICSS IEP driver of the Linux kernel. This issue occurs when disabling PPS and perout signals during the icss iep exit function...

US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID

For several years, Microsoft has been helping United States federal and state government groups, including military departments and civilian agencies, transition to a Zero Trust security model. Advanced features in Microsoft Entra ID have helped these organizations meet requirements to employ...

Linux Distros Unpatched Vulnerability : CVE-2024-34397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to signals from a trusted system...

Linux Distros Unpatched Vulnerability : CVE-2015-0245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows...

DEBIAN-CVE-2025-21728

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

UBUNTU-CVE-2025-21728

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

CVE-2025-21728

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

CVE-2025-21728 bpf: Send signals asynchronously if !preemptible

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

CVE-2025-27348

CVE-2025-27348 pertains to a Stored XSS in the WordPress plugin WP Social SEO Booster – Knowledge Graph Social Signals SEO, affecting versions n/a through 1.2.0. The root cause, per the sources, is improper neutralization of input during web page generation. The vulnerability enables stored cross...

Q-Free MAXTIME Suite 安全漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A security vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions that stems from a missing authorization in maxprofile/users/routes.lua. An attacker exploiting this vulnerability cou...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: signal: restored the overriderlimit logic Before committing the change d64696905554 “Reimplementing RLIMITSIGPENDING based on ucounts”, R LIMIT for a class of signals was not enforced. However, now it is enforced unconditionally,...

CVE-2024-9310 Traffic Alert and Collision Avoidance System (TCAS) II has a Reliance on Untrusted Inputs in a Security Decision vulnerability

By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories RAs...