The vulnerability of the Helper service in the Cato Client software for remote access allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the Cato Client software’s remote access service is related to improper resource blocking. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

CVE-2022-50089

CVE-2022-50089 affects the Linux kernel with the btrfs file system. The issue occurs when cow_file_range() fails mid-allocation (unlock=0) and may leave pages locked, potentially causing a hung task in zoned btrfs setups (as described in the provided reports). The included details show that the f...

PT-2025-25880 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been identified where the iforce close function waits at wait event interruptible with dev-mutex held, blocking input disconnect device from input...

Astra Linux – Vulnerability in Thunderbird

It was possible to create an email that included a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird would automatically access the link. The configuration to block remote content did not prevent this behavior. Thunderbird has been updated to no longer allo...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Converting the blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding/removing...

PT-2025-29851 · Go +1 · Go +1

Уязвимость языка программирования Golang связана с недостаточной или некорректная блокировкой. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, удалять произвольные каталоги...

Single Block On

In the digital age, individuals increasingly maintain active presences across multiple platforms ranging from social media and messaging applications to professional and communication tools. However, the current model for managing user level privacy and abuse is siloed, requiring users to block...

thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking

The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...

Empower Users and Protect Against GenAI Data Loss

When generative AI tools became widely available in late 2022, it wasn't just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of...

CVE-2025-3768

Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...

CVE-2025-3768

Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...

CVE-2025-3768

Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...

thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking

The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...

PT-2025-23930 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.10.0 and earlier Description: The issue is related to improper access control in the Tor network blocking feature. This allows an authenticated user to bypass the Tor blocking feature when the Devolutions...

Devolutions Server 访问控制错误漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2025.1.10.0 and earlier, which stems from improper access control of the Tor network...

thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking

The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...

RHEL 8 : thunderbird (RHSA-2025:8507)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8507 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

ADC-13.1-Rate limit gets hit unexpectedly when a rate limit identifier is used in different policies

When we invoke one rate limit identifier from different polices, the rate limit gets hit unexpectedly. The example config is as below: add stream selector IPURLSelector HTTP.REQ.URL CLIENT.IP.SRCadd ns limitIdentifier LIMITIPURL -threshold 3 -selectorName IPURLSelectoradd audit messageaction...

thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking

The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...

[SECURITY] Fedora 42 Update: python-tornado-6.4.1-3.fc42

Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...