941 matches found
CVE-2022-3616
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...
CLSA-2025-1747903683 gnutls: Fix of 2 CVEs
CVE-2024-28834: fix side-channel leak in the deterministic ECDSA - CVE-2024-28835: fix crash when verifying a certificate chain with more than 16 certificates...
Redefining IABs: Impacts of compartmentalization on threat tracking and modeling
Cisco Talos has observed a growing trend of attack kill chains being split into two stages -- initial compromise and subsequent exploitation -- executed by separate threat actors. This compartmentalization increases the complexity and difficulty of performing threat modeling and actor profiling...
kernel: block, bfq: fix possible UAF for bfqq->bic with merge chain
A flaw was found in the Budget Fair Queueing (BFQ) I/O scheduler in the Linux kernel. Handling merged chains of BFQ queues can cause a use-after-free condition and result in a denial of service...
Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
Trend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain...
Maritime Cybersecurity: Threats & Regulations Loom
This review summarizes the key insights shared during the webinar held on April 9th, which featured maritime cybersecurity experts discussing the growing challenges facing ports, logistics operations, and global supply chains...
Configure Proper Association Policies for INPUT and OUTPUT of iptables
Although you can configure protocols, IP addresses, and port numbers to add policies for packets entering and leaving a server to the INPUT and OUTPUT chains, it is difficult to configure suitable policies using the sport parameter due to complicated situations. For example, a client accesses the...
Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but an increase from 63 the year before. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances...
Sleeping Giants -- Activating Dormant Java Deserialization Gadget Chains through Stealthy Code Changes
Java deserialization gadget chains are a well-researched critical software weakness. The vast majority of known gadget chains rely on gadgets from software dependencies. Furthermore, it has been shown that small code changes in dependencies have enabled these gadget chains. This makes gadget chai...
SUSE CVE-2025-21975
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table In mlx5_chains_create_table, the return value of mlx5_get_fdb_sub_ns and mlx5_get_flow_namespace must be checked to prevent NULL pointer dereferences. If either function fails, the function...
UBUNTU-CVE-2025-21975
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table In mlx5_chains_create_table, the return value of mlx5_get_fdb_sub_ns and mlx5_get_flow_namespace must be checked to prevent NULL pointer dereferences. If either function fails, the function...
CVE-2025-21975
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table In mlx5_chains_create_table, the return value of mlx5_get_fdb_sub_ns and mlx5_get_flow_namespace must be checked to prevent NULL pointer dereferences. If either function fails, the function...
CVE-2025-21975
Technical details for CVE-2025-21975 are not publicly provided in the supplied Connected documents. The entry description exists, but there are no explicit affected products/versions, impact, or fixes in the connected items. Monitor for vendor advisories.
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net/mlx5 module not properly handling errors in mlx5_chains_create_table...
The vulnerability of the Process Chains component of the SAP Business Warehouse system allows attackers to compromise the integrity of the protected information.
The vulnerability of the Process Chains component in the SAP Business Warehouse data management and analytics system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information...
OPENSUSE-SU-2025:14891-1 libzvbi-chains0-0.2.44-1.1 on GA media
These are all security issues fixed in the libzvbi-chains0-0.2.44-1.1 package on the GA media of openSUSE Tumbleweed...
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
Cyber threats today don't just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds—ranging from nation-state espionage and ransomware to manipulated AI chatbots—the landscape become...
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings...
Exploit for Server-Side Request Forgery in Bookstackapp Bookstack
phpfilterchainoraclepoc Overview The Synacktiv team pu...
Exploit for Server-Side Request Forgery in Bookstackapp Bookstack
PHP filter chains: file read from error-based oracle. Updated...