Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в wpa

Implementations of SAE in hostapd before version 2.10, and wpasupplicant before version 2.10, are vulnerable to side-channel attacks due to cache access patterns. NOTE: This issue exists due to an incomplete fix for CVE-2019-9494...

Astra Linux - уязвимость в firefox, thunderbird

Keyboard events reference strings like “KeyA” that are located at fixed, known, and widely-distributed addresses. Cache-based timing attacks, such as Prime+Probe, could potentially determine which keys were pressed. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

Astra Linux - уязвимость в libtirpc

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that used libtirpc, as idle TCP connections were handled improperly. This could lead to an svcrun infinite loop without accepting new connections...

Astra Linux - уязвимость в nodejs

A OS command injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check. This vulnerability can be easily exploited, as the IsIPAddress function does not properly check whether an IP address is invalid before making DBS requests, thereby...

Astra Linux - уязвимость в linux-6.1

IEEE P802.11-REVme D1.1 through D7.0 allow FragAttacks against mesh networks. In mesh networks that use Wi-Fi Protected Access WPA, WPA2, or WPA3 or Wired Equivalent Privacy WEP, an adversary can exploit this vulnerability to inject arbitrary frames towards devices that support receiving non-SSP...

Astra Linux - уязвимость в python2.7, python3.7

A issue was discovered in the comparedigest function in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimizations were possible in the accumulator variable used in hmac.comparedigest...

SOC-Alert-Investigation-Portfolio

SOC Alert Investigation Portfolio This repository contains pr...

PT-2026-42265

Name of the Vulnerable Software and Affected Versions Crypt::SaltedHash versions prior to 0.110.0 Description Crypt::SaltedHash for Perl is susceptible to timing attacks because it uses Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash...

NVIDIA DGX OS 安全漏洞

NVIDIA DGX OS is a Linux operating system and cluster management environment for the DGX AI server platform developed by NVIDIA Corporation in the United States. NVIDIA DGX OS contains security vulnerabilities. These vulnerabilities arise from cloning base images during factory configuration...

Progress Software MOVEit 安全漏洞

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities due to unlimited resource...

Apache OFBiz 安全漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained security vulnerabilities, which were caused by improper handling of...

GHSA-J5RM-V3VH-VX94 eduMFA Passkeys: missing expiration flag may allow replay attacks and reuse of old challenges

Impact In eduMFA = 2.9.1 by adding validity information to the userless challenges. Workarounds No known workarounds besides disabling userless login altogether...

eduMFA Passkeys: missing expiration flag may allow replay attacks and reuse of old challenges

Impact In eduMFA = 2.9.1 by adding validity information to the userless challenges. Workarounds No known workarounds besides disabling userless login altogether...

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

IT threat evolution in Q1 2026. Mobile statistics

IT threat evolution in Q1 2026. Mobile statistics IT threat evolution in Q1 2026. Non-mobile statistics In the third quarter of 2025, we updated the methodology for calculating statistical indicators based on the Kaspersky Security Network. These changes affected all sections of the report except...

IT threat evolution in Q1 2026. Non-mobile statistics

IT threat evolution in Q1 2026. Non-mobile statistics IT threat evolution in Q1 2026. Mobile statistics The statistics in this report are based on detection verdicts returned by Kaspersky products unless otherwise stated. The information was provided by Kaspersky users who consented to sharing...

A No-Defense Defense against Gradient-Based Adversarial Attacks on ML-NIDS: Is Less More?

Gradient-based adversarial attacks subtly manipulate inputs of Machine Learning ML models to induce incorrect predictions. This paper investigates whether careful architectural choices alone can yield an inherently robust Deep Neural Network DNN-based Network Intrusion Detection Systems NIDS,...

Agent Security Is a Systems Problem

We take the position that agent security must be approached as a systems problem: the AI model powering the agent must be treated as an untrusted component, and security invariants must be enforced at the system level. Through this lens, efforts to increase model robustness the dominant viewpoint...

cramfs-tools 后置链接漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools prior to 2.2 had a post-installation link vulnerability. This vulnerability stemmed from the operation of the changefilestatus function in the cramfsck.c file, which allowed symbolic link...