Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a URL Redirection to Untrusted Site ('Open Redirect') in urllib3 [CVE-2025-50181, CVE-2025-50182]

Summary IBM Watson Speech Services Cartridge is vulnerable to a URL Redirection to Untrusted Site 'Open Redirect' in urllib3, caused by a condition where it is possible to instantiate a PoolManager and specify retries in a way that disables redirects CVE-2025-50181, CVE-2025-50182. urllib3 is use...

MINI-PHHJ-P86Q-X66G

Bulletin has no description...

MINI-F6XC-V9MV-QGMW

Bulletin has no description...

CVE-2025-38717

In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...

GHSA-3P8M-J85Q-PGMJ vulnerabilities

Vulnerabilities for packages: druid, zookeeper, opensearch, keycloak-operator, trino, infinispan, logstash-input-tcp, neo4j, apicurio-registry, kserve-modelmesh, spark, management-api-for-apache-cassandra-5.0, wavefront-proxy, flyway, keycloak, apache-nifi, apache-pulsar, apache-activemq-artemis,...

CVE-2025-58357

creationtimestamp| type| source ---|---|--- 2025-09-04 01:32:26+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxxysrzz7m2m 2025-09-04 06:40:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxyk24apnx2o 2026-05-23 02:00:15+00:00| seen|...

Ubuntu: Security Advisory (USN-7736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-48539

creationtimestamp| type| source ---|---|--- 2025-09-03 22:25:26+00:00| seen| https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3lxxoddlkol22 2025-09-04 22:45:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly27xbiyqm2e 2025-09-05 21:01:08+00:00|...

CVE-2025-9919

creationtimestamp| type| source ---|---|--- 2025-09-03 19:08:07+00:00| seen| https://gist.github.com/Darkcrai86/f634b0a56d0393cd03d272e09bd06850 2025-09-03 20:29:48+00:00| seen| https://gist.github.com/Darkcrai86/4e4711e67c721e4bb462225dfc22d8b0...

Photon OS 5.0: Containerd PHSA-2025-5.0-0611

An update of the containerd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0611. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

GHSA-G5QG-72QW-GW5V vulnerabilities

Vulnerabilities for packages: langfuse, jitsucom-jitsu...

Poisoned at Scale: a Scalable Audit Uncovers Hidden Scam Endpoints in Production LLMs

Large Language Models LLMs have become critical to modern software development, but their reliance on internet datasets for training introduces a significant security risk: the absorption and reproduction of malicious content. To evaluate this threat, this paper introduces a scalable, automated...

Security Bulletin: NVIDIA Bluefield, ConnectX, DOCA, Mellanox DPDK, Cumulus Linux and NVOS - September 2025

NVIDIA has released a software update for NVIDIA Bluefield, ConnectX, DOCA, Mellanox DPDK, Cumulus Linux and NVOS. To protect your system, download and install the latest NVIDIA components from the links provided in this document. For earlier evaluation versions, contact your account manager to g...

MINI-H5Q5-5GJX-9X4R

Bulletin has no description...

postgresql:15 security update

pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47350 1.4.8-1 - Update to version 1.4.8 - Postgresql 15 is supported - Related: 212841...

Ubuntu: Security Advisory (USN-7726-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-16037

creationtimestamp| type| source ---|---|--- 2025-08-31 03:13:13+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

CVE-2018-12842

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:37+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVE-2012-0183

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:37+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:13:11+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

CVE-2018-12829

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:33+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:13:12+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...