Security Bulletin: WebSphere Service Registry and Repository (WSSR) is affected by IBM SDK, Java Technology Edition Quarterly CPU - July 2025 - Includes Oracle July 2025 CPU plus CVE-2025-30754

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository, and it uses the IBM® Java SDK. Information about the IBM® Java SDK July 2025 CPU is available in a Security Bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Airoha Bluetooth audio SDK 安全漏洞

Airoha Bluetooth audio SDK is a software development kit from Airoha. Airoha Bluetooth audio SDK suffers from a security vulnerability that originates from unauthorized access to the RACE protocol and could result in remote elevation of privilege...

The vulnerability of the SDK – Software Development Kit for product lifecycle management software for Oracle Agile PLM Framework, allowing a perpetrator to access confidential information

The vulnerability of the SDK-Software Development Kit, a software tool for managing product lifecycles in Oracle Agile PLM Framework enterprises, is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...

Model Context Protocol Python SDK 安全漏洞

Model Context Protocol Python SDK is a Model Context Protocol open source development tool for Model Context Protocol servers and clients. A security vulnerability exists in the Model Context Protocol Python SDK prior to version 1.9.4, which stems from an unhandled exception when handling malform...

Malicious code in kucoin-universal-sdk-example (npm)

--- -= Per source details. Do not edit below this line.=-...

[SECURITY] Fedora 41 Update: dotnet8.0-8.0.116-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

CVE-2023-22669

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2021-32994

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

CVE-2020-0561

Improper initialization in the IntelR SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-9628

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2020-9626

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2020-9589

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2020-9623

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

Malicious code in ai-labs-snippets-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d5d4e1e66d1a84969c7af5822efb6e894abc0d263c87f583bf45591d216b85a During the importing, it loads a file pretending to an AI model. This file contains pickle-serialized code that exfiltrates data basic IP/username info, as wel...

RLSA-2024:4567 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in, which allows a perpetrator to cause a service failure.

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Apple多款产品 安全漏洞

Apple FairPlay and others are products of Apple Inc.Apple FairPlay is a core component used to provide media playback capabilities to devices.Apple AirPlay audio SDK is an officially licensed development kit that allows third-party hardware products to integrate the AirPlay audio streaming protoc...

VApps: Verifiable Applications at Internet Scale

Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...

RLSA-2025:0426 Moderate: java-21-openjdk security update for Rocky Linux 8.10, 9.4 and 9.5

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...