Oracle Fusion Middleware Identity Manager authentication bypass
Added: 11/24/2025. Background: Oracle Fusion Middleware is a platform for creating and running applications. Problem: An authentication bypass vulnerability in the Identity Manager component allows remote attackers to execute arbitrary commands by appending ;.wadl to a URL. Resolution: See Oracle Pat...
TASO: Jailbreak LLMs Via Alternative Template and Suffix Optimization
Many recent studies showed that LLMs are vulnerable to jailbreak attacks, where an attacker can perturb the input of an LLM to induce it to generate an output for a harmful question. In general, existing jailbreak techniques either optimize a semantic template intended to induce the LLM to produc...
CVE-2025-57812
A flaw was found in CUPS-Filters, including libcupsfilters. An attacker on the same local network, with low privileges, could exploit an out-of-bounds read/write vulnerability by submitting a specially crafted TIFF image file as a print job with specific options. This could lead to limited...
blender-4.5-4.5.4-1.1 on GA media (moderate)
blender-4.5-4.5.4-1.1 on GA media. Announcement ID: openSUSE-SU-2025:15755-1. Rating: moderate. Cross-References: CVE-2022-0544, CVE-2022-0545, CVE-2022-0546. Affected Products: openSUSE Tumbleweed. An update that solves 3 vulnerabilities can now be installed. Description: These are all security issues...
APIs Are the Retail Engine: How to Secure Them This Black Friday
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear up for huge surges in online traffic, ask yourself: have you protected the APIs on...
OPENSUSE-SU-2025:15755-1 blender-4.5-4.5.4-1.1 on GA media
These are all security issues fixed in the blender-4.5-4.5.4-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15757-1 curl-8.17.0-1.1 on GA media
These are all security issues fixed in the curl-8.17.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15756-1 blender-5.0-5.0.0-1.1 on GA media
These are all security issues fixed in the blender-5.0-5.0.0-1.1 package on the GA media of openSUSE Tumbleweed...
Moderate: Red Hat Security Advisory: Submariner v0.21 security fixes and container updates
Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
TencentOS Server 3: libldb (TSSA-2022:0208)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0208 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: curl (TSSA-2023:0172)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: augeas (TSSA-2025:0277)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0277 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: pcl (TSSA-2025:0421)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0421 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
OPENSUSE-SU-2025:15750-1 python313-3.13.9-2.1 on GA media
These are all security issues fixed in the python313-3.13.9-2.1 package on the GA media of openSUSE Tumbleweed...
TencentOS Server 4: edk2 (TSSA-2025:0336)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0336 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: libssh (TSSA-2022:0067)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0067 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
OPENSUSE-SU-2025:15749-1 grub2-2.12-67.1 on GA media
These are all security issues fixed in the grub2-2.12-67.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-65033
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...
EUVD-2025-198149
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests...
OPENSUSE-SU-2025:15745-1 chromedriver-142.0.7444.175-1.1 on GA media
These are all security issues fixed in the chromedriver-142.0.7444.175-1.1 package on the GA media of openSUSE Tumbleweed...