CVE-2023-54097

CVE-2023-54097 (Linux kernel) affects the regulator subsystem, specifically the stm32-pwr regulator driver. The issue is an of_iomap() leak in stm32_pwr_regulator_probe() that can leak the mapped base address if memory allocation or regulator registration fails. The fix replaces of_iomap() with d...

RLSA-2025:23738 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

atm/fore200e: Fix possible data race in fore200e_open()

...

CVE-2025-68339

In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200eopen Protect access to fore200e-availablecellrate with ratemtx lock in the error handling path of fore200eopen to prevent a data race. The field fore200e-availablecellrate is a shar...

DEBIAN-CVE-2025-34458

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...

CVE-2025-34458

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...

Dire Wolf 安全漏洞

Dire Wolf is a software radio modem from the individual developers at wb2osz. A security vulnerability exists in Dire Wolf 1.8 and earlier versions, which stems from a reachable assertion vulnerability in the APRS MIC-E decoder that could lead to a denial of service...

SUSE CVE-2025-44005

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks...

[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

KeePassXC-Browser 安全漏洞

KeePassXC-Browser is an open source browser extension for KeePassXC. A security vulnerability exists in KeePassXC-Browser version 1.9.9.2 and earlier, which stems from auto-populating credentials in a sandboxed document, which could lead to credential disclosure...

A Browser Extension Risk Guide After the ShadyPanda Campaign

In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them r...

Unity Linux 20.1060a / 20.1070a Security Update: abrt (UTSA-2025-991235)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991235 advisory. A flaw was found in the ABRT daemons handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly int...

HenBR-Autoload

HenBR-Autoload Download any PS4 exploit in one click...

Malwarebytes for Mac now has smarter, deeper scans

Say hello to the upgraded Malwarebytes for Mac —now with more robust protection, more control, and the same trusted defense you count on every day. We’ve given our Mac scan engine a serious intelligence boost, so it thinks faster and digs deeper. The new enhanced scan searches across more of your...

EUVD-2025-202635

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

Important: Red Hat Security Advisory: abrt security update

An update for abrt is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havi...

Important: Red Hat Security Advisory: abrt security update

An update for abrt is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

CVE-2025-13428

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

Aqara多款产品 安全漏洞

Aqara Camera Hub G3 and others are a smart surveillance camera from Aqara USA. A security vulnerability exists in various Aqara products, which stems from the automatic collection and uploading of unencrypted sensitive information. The following products and versions are affected: the Camera Hub ...

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...