RUSTSEC-2025-0045 ConstStaticCell could have been used to pass non-Send values to another thread

ConstStaticCell could have been used to pass non-Send values to another thread, because T was not required to be Send while ConstStaticCell is Send. This was corrected by introducing a T: Send bound...

ConstStaticCell could have been used to pass non-Send values to another thread

ConstStaticCell could have been used to pass non-Send values to another thread, because T was not required to be Send while ConstStaticCell is Send. This was corrected by introducing a T: Send bound...

CLSA-2025-1752748974 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

PT-2025-31011 · Crates.Io · Static Cell

ConstStaticCell could have been used to pass non-Send values to another thread, because T was not required to be Send while ConstStaticCell is Send. This was corrected by introducing a T: Send bound...

The vulnerability of the Consul and Consul Enterprise service configuration tool, related to unvalidated returned values, allows attackers to circumvent established security restrictions.

The vulnerability of the Consul and Consul Enterprise service configuration tool is related to an unvalidated returned value. Exploiting this vulnerability allows a malicious actor to bypass established security restrictions from a remote location...

Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2025:01811-2 Security update for gnuplot

This update for gnuplot fixes the following issues: - CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. - CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. - CVE-2025-31178: unvalidated user input leads to segmentatio...

CLSA-2025-1752656083 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

CLSA-2025-1752655814 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

CLSA-2025-1752655315 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

CLSA-2025-1752655539 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

CLSA-2025-1752655000 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

PT-2025-33575

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel’s libwx component related to the resetting of Rx ring descriptors. When a device reset is triggered by feature changes, such as toggling Rx VL...

Improper Handling of Missing Values in Wireshark

...

CVE-2025-5992 Passing values outside of expected range to QColorTransferGenericFunction can cause a denial of service

When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...

CVE-2025-27044

Memory corruption while executing timestamp video decode command with large input values...

Can Large Language Models Improve Phishing Defense? A Large-Scale Controlled Experiment on Warning Dialogue Explanations

Phishing has become a prominent risk in modern cybersecurity, often used to bypass technological defences by exploiting predictable human behaviour. Warning dialogues are a standard mitigation measure, but the lack of explanatory clarity and static content limits their effectiveness. In this pape...

SUSE CVE-2025-48384

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with ...

Credential Exposure

Overview Affected versions of this package are vulnerable to Credential Exposure via the job configuration form. An attacker can obtain sensitive authentication keys by viewing the exposed values in the user interface. Remediation There is no fixed version for org.jenkins-ci.plugins:vaddy-plugin...

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...