178 matches found
Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance
WebP boosts performance but raises compatibility issues, making image format conversion to PNG essential for secure, flexible, and efficient web workflows today...
CVE-2025-68216
Summary (CVE-2025-68216): In the Linux kernel, LoongArch-architecture BPF trampoline attachments to kernel module functions have been disabled due to incompatibilities with tracing in modules. This prevents attaching BPF fentry/trampoline probes to module functions, addressing severe user-visible...
EUVD-2025-3970
Malicious code in bioql PyPI...
EUVD-2023-29648
Malicious code in bioql PyPI...
September 9, 2025—KB5065468 (Monthly Rollup)
Windows Secure Boot certificate expiration. Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...
ALSA-2025:10073 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430); firefox: Use-after-free in FontFaceSet (CVE-2025-6424); firefox:...
CVE-2025-38046
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Alibaba Cloud Linux 3 : 0130: compat-openssl10 (ALINUX3-SA-2022:0130)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-0778: The BN_mod_sqrt() function, which comput...
Debian dla-4152 : libnode-dev - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4152 advisory. Debian LTS Advisory DLA-4152-1 https://www.debian.org/lts/security/...
Update 25.6 for Microsoft Dynamics 365 Business Central 2024 Release Wave 2 (Application Build 25.6.32556, Platform Build 25.2.32308)
Overview: This update replaces previously released updates. You should always install the latest update. This update also fixes a vulnerability. For more information,...
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
CVE-2025-24875
SAP Commerce, by default, sets certain cookies with the SameSite attribute configured to None (SameSite=None). This includes authentication cookies utilized in SAP Commerce Backoffice. Applying this setting reduces defense in depth against CSRF and may lead to future compatibility issues...
CVE-2025-24875
CVE-2025-24875 corresponds to SAP Commerce where the Backoffice authentication cookies are by default configured with SameSite=None. Root cause: cookies set to None, weakening CSRF protections. Impact: CSRF risk with potential confidentiality/integrity concerns; exploitation status not detailed i...
SAP Commerce cross-site request forgery vulnerability
SAP Commerce is a suite of cloud-based e-commerce platforms from Germany's SAP. It supports sales management, marketing management, order management and operations management. A cross-site request forgery vulnerability exists in SAP Commerce, which stems from a misconfiguration that can lead to...
synacktiv-rules
synacktiv-rules Public repository of Sigma and YARA/YARA-X ru...
Fedora 40 : glibc (2025-69207650a4)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-69207650a4 advisory. This update addresses two security vulnerabilities: CVE-2025-0395: A buffer overflow may occur in the assert function with certain large program nam...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
openSUSE 15 Security Update : python-wxPython (SUSE-SU-2024:3964-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3964-1 advisory. Security issue fixed: - CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590). Non-security issues fixed: ...
Unbreakable Enterprise kernel security update
[4.14.35-2047.542.2] - fs/dcache: allow fractional values in fs.negative-dentry-limit (Gautham Ananthakrishna) [Orabug: 37156524] - lib/math: move int_pow() from pwm_bl.c for wider use (Andy Shevchenko) [Orabug: 37156524] [4.14.35-2047.542.1] - genirq/cpuhotplug: Retry with cpu_online_mask when migration fails...