Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

Fedora 42 : chromium (2026-36fb406407)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-36fb406407 advisory. The updates include fixes for: Critical CVE-2026-7363: Use after free in Canvas Critical CVE-2026-7361: Use after free in iOS Critical CVE-2026-7344...

CVE-2026-32294

creationtimestamp| type| source ---|---|--- 2026-03-18 17:04:14+00:00| seen| https://t.me/truesecator/8008...

APSB26-05 : Security update available for Adobe Commerce

Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important, and moderate vulnerabilities. Successful exploitation could lead to security feature bypass, application denial-of-service, privilege escalation, arbitrary code execution, an...

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access...

APSB25-105 : Security update available for Adobe ColdFusion

Adobe has released security updates for ColdFusion versions 2025, 2023 and 2021. These updates resolves critical and important vulnerability that could lead to arbitrary file system write, arbitrary file system read, arbitrary code execution, security feature bypass, and priviledge escalation...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, and Red Hat Enterprise Linux 8.6 Extended Update Suppo...

CVE-2025-2776

creationtimestamp| type| source ---|---|--- 2025-05-07 09:31:00+00:00| seen| https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html 2025-05-07 14:15:11+00:00| seen| https://infosec.exchange/users/shadowserver/statuses/114466967388160257 2025-05-07 14:16:50+00:00| seen|...

PT-2025-20325 · Undefined · Undefined

⚠️ Vulnerability Alert: SysAid On-Premise Pre-Auth RCE Chain 4 Critical Flaws 📅 Timeline: Disclosure: 2025-05-07, Patch: 2025-03-01 🆔 CVE ID: CVE-2025-2778 📊 Base Score: 9.8 assessed Critical 📏 CVSS Metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvssSeverity:...

PT-2025-18781 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: IntelR TiberTM Edge Platform Edge Orchestrator versions prior to 24.11.1 Description: A protection mechanism failure exists in some Edge Orchestrator software. An authenticated user may be able to enable a denial of service via adjacent acces...

CVE-2025-2492

creationtimestamp| type| source ---|---|--- 2025-04-18 09:59:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12414 2025-04-18 11:15:19+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ikwh2cfj2 2025-04-18 11:30:43+00:00|...

Patch Tuesday, April 2025 Edition

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could...

Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review

Microsoft's April 2025 Patch Tuesday has arrived, delivering critical security updates and fixes across the various products, features, and roles. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for April 2025 In this month's Patch Tuesday, April 2025 edition, Microsoft...

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below - CVE-2024-20439 CVSS score: 9.8 - The presence of an undocumented static us...

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity...

Linux Distros Unpatched Vulnerability : CVE-2024-56684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: fix wrong use of sizeof in cmdqgetclocks It should be size of the struct...

CVE-2024-38657

creationtimestamp| type| source ---|---|--- 2025-02-11 19:05:13+00:00| seen| https://vulnerability.circl.lu/bundle/85f9fd3a-b2ef-443b-b091-2cad7418236f 2025-02-11 19:13:31+00:00| seen| https://social.circl.lu/users/cedric/statuses/113986844143593949 2025-02-12 04:00:00+00:00| seen|...

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager EPM, including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale...

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing...

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance ASA that could lead to a denial-of-service DoS condition. The vulnerability, tracked as CVE-2024-20481 CVSS score: 5.8, affects the Remote Access VPN RAVPN service of...