2424 matches found
MiracleLinux 4 : net-snmp-5.5-54.AXS4 (AXSA:2015-271:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-271:01 advisory. SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an...
CVE-2026-22858
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...
Structure and reliability in e-commerce platforms
A successful e-commerce platform requires more than just a good-looking design. Security, stability, speed, and scalability are key...
MiracleLinux 4 : bind-9.8.2-0.10.rc1.AXS4 (AXSA:2012-801:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-801:02 advisory. BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves ho...
MiracleLinux 3 : kvm-83-249.0.1.AXS3 (AXSA:2012-643:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-643:01 advisory. KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...
CVE-2025-68380 wifi: ath11k: fix peer HE MCS assignment
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment. In ath11k_wmi_send_peer_assoc_cmd, peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmware's definition. While connecti...
Linux Distros Unpatched Vulnerability : CVE-2025-68364
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: relax BUG to ocfs2_error in ocfs2_move_extent. In 'ocfs2_move_extent', relax 'BUG' to 'ocfs2_error' just to avoid crashing the whole kernel due to a filesystem...
Apple macOS Tahoe Memory Mishandling Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a memory mishandling vulnerability that stems from a flaw in the system's memory handling...
PT-2025-51629
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace. The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...
OPENSUSE-SU-2025:20163-1 Security update for grub2
This update for grub2 fixes the following issues: Changes in grub2: - CVE-2025-54771: Fixed grub_file_close does not properly control the fs refcount (bsc#1252931) - CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930) - CVE-2025-61662: Fixed...
Apple macOS Security Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a memory mishandling vulnerability that stems from a flaw in the system's memory handling...
Automated Penetration Testing with LLM Agents and Classical Planning
While penetration testing plays a vital role in cybersecurity, achieving fully automated, hands-off-the-keyboard execution remains a significant research challenge. In this paper, we introduce the "Planner-Executor-Perceptor (PEP)" design paradigm and use it to systematically review existing work a...
CVE-2025-65803
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted PSD file. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...
CVE-2025-66491
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" (intending to enable backend TLS certificate verification) actually disables...
UBUNTU-CVE-2023-53811
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1. The irdma driver can use a maximum number of msix vectors equal to num_online_cpus + 1 and the kernel warning stack below is shown if that number is exceeded. The kernel throws a warning...
CVE-2025-66510
Nextcloud Server is a self-hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of other users (emails, names, identifiers) without prop...
Banking System Stability: A Global Analysis of Cybercrime Laws
We examine the role of cybercrime legislation around the world in shaping the stability of the banking system. We compile a novel dataset covering the enactment of cybercrime legislation in 132 developed and developing countries to empirically test this research question. We find that the enactme...
kernel: cifs: fix oops during encryption
An out-of-bounds memory access vulnerability exists in the Linux kernel, such that a stack-allocated buffer backed by vmalloc was passed into crypto code (scatterwalk_map_and_copy → memcpy) where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...
CLSA-2025-1763990271 Fix of 12 CVEs
Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2024-58072 - wifi: rtlwifi: remove unused check_buddy_priv Focal update: v5.4.291 upstream stable release (LP: #2106002) - wifi: rtlwifi: remove unused timer and related code - wifi: rtlwifi: remove unused dualmac control leftovers Foca...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930) CVE-2025-54771: Fixed grub_file_close does not properly control the fs refcount (bsc#1252931) CVE-2025-61661: Fixed out-of-bounds write in...