PT-2025-40098

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains an issue within the erofs filesystem related to encoded extents. The algorithm sanity checks do not correctly apply to new encoded extents, leading to...

USN-5495-2: curl regression

USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...

USN-5495-2 curl regression

USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...

USN-7769-2 linux-realtime-6.14 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7770-1 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

Towards Adapting Federated and Quantum Machine Learning for Network Intrusion Detection: a Survey

This survey explores the integration of Federated Learning FL with Network Intrusion Detection Systems NIDS, with particular emphasis on deep learning and quantum machine learning approaches. FL enables collaborative model training across distributed devices while preserving data privacy-a critic...

f2fs: compress: fix to guarantee persisting compressed blocks by CP

...

CVE-2025-39847

In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in padcompressskb If allocskb fails in padcompressskb, it returns NULL without releasing the old skb. The caller does: skb = padcompressskbppp, skb; if !skb goto drop; drop: kfreeskbskb; When padcompressskb...

CVE-2025-59689

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For...

CVE-2025-8778

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropacksetcompressionajax function in all versions up to, and including, 1.18.4. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2025-8778

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropacksetcompressionajax function in all versions up to, and including, 1.18.4. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2025-8778

Summary (CVE-2025-8778): The NitroPack plugin for WordPress (versions up to 1.18.4) has a missing capability check in nitropack_set_compression_ajax(), enabling authenticated attackers with Subscriber-level access or higher to modify nitropack-enableCompression and alter plugin compression settin...

CVE-2025-8778 NitroPack <= 1.18.4 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update via nitropack_set_compression_ajax Function

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropacksetcompressionajax function in all versions up to, and including, 1.18.4. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2025-8778 NitroPack <= 1.18.4 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update via nitropack_set_compression_ajax Function

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropacksetcompressionajax function in all versions up to, and including, 1.18.4. This makes it possible for authenticated attackers, with Subscriber-level access and...

PT-2025-37019

Name of the Vulnerable Software and Affected Versions: NitroPack versions up to and including 1.18.4 Description: The NitroPack plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the nitropack set compression ajax function...

Linux Distros Unpatched Vulnerability : CVE-2022-4104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-2127)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for...

Linux Distros Unpatched Vulnerability : CVE-2021-43086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-2128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A Non-Monotonic Relationship: an Empirical Analysis of Hybrid Quantum Classifiers for Unseen Ransomware Detection

Detecting unseen ransomware is a critical cybersecurity challenge where classical machine learning often fails. While Quantum Machine Learning QML presents a potential alternative, its application is hindered by the dimensionality gap between classical data and quantum hardware. This paper...