Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Linux Distros Unpatched Vulnerability : CVE-2025-29366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on...
PT-2025-35653
🔴 Rust array queue, Memory Corruption, CVE-2021-28016 Critical https://t.co/xvt7ni76ig...
Claude Desktop Installed (Windows)
Binary data claudedesktopwininstalled.nbin...
Linux Distros Unpatched Vulnerability : CVE-2023-39272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to...
Linux Distros Unpatched Vulnerability : CVE-2021-30470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray, PdfTokenizer::GetNextVariant and PdfTokenizer::ReadDataType...
Linux Distros Unpatched Vulnerability : CVE-2022-1237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more...
Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities
Summary IBM Data Product Hub has dependencies on IBM Semeru, IBM WebSphere Application Server Liberty, Requests Python HTTP library, and Node.js Dompurify, Brace-expansion, Xmldom, Undici, and Form-data runtime modules, which are vulnerable. This bulletin contains information regarding the...
CVE-2025-52856 VioStor
An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later...
Security Bulletin: Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature, which affects IBM watsonx.data
Summary Use of Arrays.equals in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attacker should be an authorized user of the product to perform this attack. Users are recommended to upgrade to versio...
CGA-7M7P-CMWC-CPPQ
Bulletin has no description...
MINI-QGVP-9V3R-M7WQ
Bulletin has no description...
Link up, lift up, level up
Welcome to this week's edition of the Threat Source newsletter. As summer retreats into the rear-view mirror, I'd like to take a moment to reflect on one of my favorite things about the cybersecurity profession: the community. Earlier this month, I attended Black Hat USA 2025 and DEF CON 33 in...
Contao does not properly manage privileges for page and article fields
Impact Under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. Patches Update to Contao 5.3.38 or 5.6.1. Workarounds None. For more information If you have any questions or comments about this advisory, open an issue in...
Claude AI chatbot abused to launch “cybercrime spree”
Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several...
Microarchitecture Design and Benchmarking of Custom SHA-3 Instruction for RISC-V
Integrating cryptographic accelerators into modern CPU architectures presents unique microarchitectural challenges, particularly when extending instruction sets with complex and multistage operations. Hardware-assisted cryptographic instructions, such as Intel's AES-NI and ARM's custom instructio...
Linux Distros Unpatched Vulnerability : CVE-2020-18430
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DoS). CVE-2020-18430...
Linux Distros Unpatched Vulnerability : CVE-2019-11506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which...
Linux Distros Unpatched Vulnerability : CVE-2023-50471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. CVE-2023-50471 Note that Nessus relies on t...
Linux Distros Unpatched Vulnerability : CVE-2018-1999015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory...