362 matches found
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a URL Redirection to Untrusted Site ('Open Redirect') in urllib3 [CVE-2025-50181, CVE-2025-50182]
Summary IBM Watson Speech Services Cartridge is vulnerable to a URL Redirection to Untrusted Site 'Open Redirect' in urllib3, caused by a condition where it is possible to instantiate a PoolManager and specify retries in a way that disables redirects CVE-2025-50181, CVE-2025-50182. urllib3 is use...
CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
EUVD-2024-40406
Malicious code in bioql PyPI...
CVE-2025-55190
creationtimestamp| type| source ---|---|--- 2025-09-05 03:09:19+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3ly2ooxmmvc2p 2025-09-05 04:32:11+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2td4reqj2v 2025-09-05 05:40:20+00:00| seen|...
CVE-2025-58361
creationtimestamp| type| source ---|---|--- 2025-09-04 23:00:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2as4pjqe2g 2025-09-05 06:01:16+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2ycfrfr22l...
MINI-PHHJ-P86Q-X66G
Bulletin has no description...
MINI-F6XC-V9MV-QGMW
Bulletin has no description...
GHSA-9HP6-4448-45G2
creationtimestamp| type| source ---|---|--- 2025-09-04 15:35:19+00:00| seen| https://bsky.app/profile/azu.bsky.social/post/3lxzhvz4hvv2d...
CVE-2025-38728
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd. With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces (see below): BUG: KASAN: slab-out-of-bounds in...
CVE-2025-38726
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect. After the call to phy_disconnect, netdev->phydev is reset to NULL. So fixed_phy_unregister would be called with a NULL pointer as argument. Therefore cache th...
CVE-2025-38724
In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked failure in nfsd4_setclientid_confirm. Lei Lu recently reported that nfsd4_setclientid_confirm did not check the return value from get_client_locked. A SETCLIENTID_CONFIRM could race with a confirmed client...
CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach. syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are executed at the same time. kcm_unattach is missing a check of the flag kcm->tx_stopped before calling queue_work. I...
CVE-2025-38716
In the Linux kernel, the following vulnerability has been resolved: hfs: fix general protection fault in hfs_find_init. The hfs_find_init method can trigger the crash if tree pointer is NULL: [ 45.746290][ T9787] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 1...
CVE-2025-38705
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access. Writing a string without delimiters (' ', '\n', '\0') to the under gpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile will result in a null pointer dereference...
CVE-2025-38697
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG. When computing the tree index in dbAllocAG, we never check if we are out of bounds relative to the size of the stree. This could happen in a scenario where the filesystem metadat...
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 25, 2025 to August 31, 2025)
Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through September 4, 2025, earn 2X bounty rewards for all in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...
GHSA-3P8M-J85Q-PGMJ vulnerabilities
Vulnerabilities for packages: keycloak-operator, logstash-input-beats, infinispan, thingsboard, zookeeper, wavefront-proxy, docker-selenium, logstash-input-http, apache-nifi, spark, management-api-for-apache-cassandra-5.0, keycloak, zipkin, opensearch, trino, druid, strimzi-kafka-operator,...
CGA-J9XH-QF5R-6HR3
Bulletin has no description...
CVE-2025-36893
creationtimestamp| type| source ---|---|--- 2025-09-04 13:11:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxz7ucq2wf2d...
CVE-2025-50224
creationtimestamp| type| source ---|---|--- 2025-09-04 11:25:24+00:00| seen| https://gist.github.com/Darkcrai86/e3c559ca6e0e31addd51baaa217ec618 2025-09-04 12:08:53+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lxz4esxapyv2 2025-09-08...