[SECURITY] Fedora 41 Update: python3.6-3.6.15-47.fc41
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
Exploit for OS Command Injection in Progress Loadmaster
CVE-2024-1212 - Progress Kemp LoadMaster Unauthenticated Comma...
Hybrid Quantum Security for IPsec
Quantum Key Distribution (QKD) offers information-theoretic security against quantum computing threats, but integrating QKD into existing security protocols remains an unsolved challenge due to fundamental mismatches between pre-distributed quantum keys and computational key exchange paradigms. Thi...
Malicious code in seclab-research-depconf-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 71ecf56c682dd44134d9a4d17fb2ae3d20091681372f89902c84d5dc2533c03d Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
PT-2025-31073
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue was identified in the rpl_do_srh_inline function within the Linux kernel. The vulnerability occurs when the function fetches an IPv6 header ipv6_hdr(skb) and accesse...
Azure Linux 3.0 Security Update: libsoup (CVE-2025-32909)
The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32909 advisory. - A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the...
Favicon Trojans: Executable Steganography Via Ico Alpha Channel Exploitation
This paper presents a novel method of executable steganography using the alpha transparency layer of ICO image files to embed and deliver self-decompressing JavaScript payloads within web browsers. By targeting the least significant bit (LSB) of non-transparent alpha layer image values, the propose...
[SECURITY] Fedora 42 Update: rust-nu-test-support-0.99.1-4.fc42
Support for writing Nushell tests...
CVE-2025-38298
In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload only i10nm_edac, then reload it and perform error injection testing, a general protection fault may occur: mce...
CVE-2025-38298 EDAC/skx_common: Fix general protection fault
In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload only i10nm_edac, then reload it and perform error injection testing, a general protection fault may occur: mce...
CVE-2025-38298
CVE-2025-38298 corresponds to a Linux kernel EDAC issue (EDAC/skx_common) where reloading i10nm_edac after unloading and reloading can trigger a general protection fault. The root cause was that the adxl_component_count variable, which tracks ADXL components, was not reset during the reload seque...
CVE-2025-38293 wifi: ath11k: fix node corruption in ar->arvifs list
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...
Exploit for Uncontrolled Resource Consumption in Oracle Mysql_Cluster
CVE-2025-21574-Exploit Key Features of this Black-Box Exploi...
CVE-2025-53657
Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-53656
Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...
CVE-2025-53657
CVE-2025-53657 affects Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier. The issue is that SLM License Access Keys, client secrets, and passwords displayed on the job configuration form are not masked, enabling potential exposure to users with access to the Jenkins UI/file system. Impa...
CVE-2025-53547 vulnerabilities
Vulnerabilities for packages: pluto, chart-testing, kots, chartmuseum, envoy-gateway, flux-helm-controller, linkerd2-fips, trivy-fips, k9s, tw, cerbos-fips, trivy-operator-fips, flux-fips, chartmuseum-fips, chart-testing-fips, cloudbeat-fips, flux-source-controller-fips, helm-operator-fips, zot,...
GHSA-557J-XG8C-Q2MM vulnerabilities
Vulnerabilities for packages: pluto, chart-testing, kots, chartmuseum, envoy-gateway, flux-helm-controller, linkerd2-fips, trivy-fips, k9s, tw, cerbos-fips, trivy-operator-fips, flux-fips, chartmuseum-fips, chart-testing-fips, cloudbeat-fips, flux-source-controller-fips, helm-operator-fips, zot,...