New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidenc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: Fixed a crash that occurred during hcicreatecissync. When attempting to connect multiple ISO sockets without using DEFERSETUP, the following crash may occur: BUG: KASAN: nullptrderef in...

Evaluating the Reliability of Multiple Large Language Models in Risk Assessment: A CIS Controls Based Approach

Proper implementation of technical and administrative controls reinforces an organization's cybersecurity posture and business resilience, reduces risks, and enhances governance, ultimately elevating business maturity. The dynamics of the technological landscape and emerging threats negatively...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: spicedb-operator, swagger, k8ssandra-client, cadvisor, kyverno-notation-aws, spire-controller-manager, tofu-controller, docker-cli, modelmesh-runtime-adapter, kyverno-policy-reporter-ui, mattermost, gcsfuse, ingress-nginx-controller, osv-scanner, seaweedfs,...

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...

SUSE-SU-2026:0626-1 Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: - Build without apparmor for openSUSE Leap 16, SLES 16 or newer - Require Go 1.23 for building - Update to versi...

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...

kernel: Bluetooth: hci_conn: Fix crash on hci_create_cis_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix crash on hcicreatecissync When attempting to connect multiple ISO sockets without using DEFERSETUP may result in the following crash: BUG: KASAN: null-ptr-deref in hcicreatecissync+0x18b/0x2b0 Read of size...

SUSE CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

CVE-2023-54038

A flaw was found in the Linux kernel's Bluetooth Host Controller Interface HCI connection handling. A local user could exploit this vulnerability when the hciconnectsco function returns a NULL pointer instead of an error pointer when no link is present. This improper handling of exceptional...

SUSE CVE-2023-54038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

Linux Distros Unpatched Vulnerability : CVE-2023-54038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns...

CVE-2023-54038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

CVE-2023-54038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

UBUNTU-CVE-2023-54038

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

CVE-2023-54038 Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

CVE-2023-54038 Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: return ERRPTR instead of NULL when there is no link hciconnectsco currently returns NULL when there is no link i.e. when hciconnlink returns NULL. scoconnect expects an ERRPTR in case of any error see line 266...

CIS-BA: Continuous Interaction Space Based Backdoor Attack for Object Detection in the Real-World

Object detection models deployed in real-world applications such as autonomous driving face serious threats from backdoor attacks. Despite their practical effectiveness,existing methods are inherently limited in both capability and robustness due to their dependence on single-trigger-single-objec...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: quic-go-fips, grafana-image-renderer, harbor-cli, newrelic-nri-kube-events, k3d, node-feature-discovery-fips, nri-f5, rancher-system-upgrade-controller, pushprox-fips, kpt, dask-gateway, terraform-provider-random-fips, mongo-tools, tetragon-fips,...