9 matches found
EUVD-2025-14101
Malicious code in bioql PyPI...
CVE-2022-49358 netfilter: nf_tables: memleak flow rule from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path. Abort path releases flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
Security Bulletin: Vulnerabilities in Transparent Cloud Tiering affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
Summary Vulnerabilities in netty-codec-http2 and commons-compress affect the Transparent Cloud Tiering function in IBM Storage Virtualize products. CVE-2023-44487, CVE-2024-25710, CVE-2024-26308. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the...
Facebook Releases New Tool That Finds Security and Privacy Bugs in Android Apps
Facebook on Wednesday announced it's open-sourcing Mariana Trench, an Android-focused static analysis platform the company uses to detect and prevent security and privacy bugs in applications created for the mobile operating system at scale. "Mariana Trench is designed to be able to scan large...
CVE-2019-14054
Improper permissions in XBLSEC region enable user to update XBLSEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998,...
GHSA-G6J2-CH25-5MMV Missing Token Replay Detection in Saml2 Authentication services for ASP.NET
Impact Token Replay Detection is an important defence in depth measure for Single Sign On solutions. In all previous 2.X versions, the Token Replay Detection is not properly implemented. Note that version 1.0.1 is not affected. It has a correct Token Replay Implementation and is safe to use...
microcode_ctl security update
2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...
Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem V840
Summary There is a vulnerability in Apache Struts to which the IBM FlashSystem™ V840 is susceptible. An exploit of that vulnerability CVE-2018-11776 could make the system susceptible to attacks which could allow an attacker to execute arbitrary code on the system. Vulnerability Details CVEID:...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a security vulnerability: (CVE-2014-6147)
Summary A security vulnerability has been discovered in the IBM FSM. Vulnerability Details Abstract A security vulnerability has been discovered in the IBM FSM. Content Vulnerability Details: CVE-ID: CVE-2014-6147 Description: An authenticated user could obtain sensitive data from the FSM and use...