EulerOS 2.0 SP13 : sudo (EulerOS-SA-2025-2279)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute...

PT-2025-51649

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s UFS Universal Flash Storage subsystem, specifically within the ufs-qcom component, related to power-down sequences. During UFS device power down,...

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.41-i586-1slack15.0.txz: Upgraded. This update fixes security issues: DNSSEC validation fails if matching but invalid DNSKEY is...

Ultra-Fast Wireless Power Hacking

The rapid growth of electric vehicles EVs has driven the development of roadway wireless charging technology, effectively extending EV driving range. However, wireless charging introduces significant cybersecurity challenges. Any receiver within the magnetic field can potentially extract energy,...

CVE-2025-60932

Multiple stored cross-site scripting XSS vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

Adobe Bridge heap buffer overflow vulnerability (CNVD-2025-24426)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe Animate Memory Misreference Vulnerability (CNVD-2025-24424)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Animate, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...

Slackware: Security Advisory (SSA:2025-291-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2025-290-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware Linux 15.0 / current sqlite Vulnerability (SSA:2025-290-02)

The version of sqlite installed on the remote host is prior to 3.50.4. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-290-02 advisory. New sqlite packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

[slackware-security] stunnel

New stunnel packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/stunnel-5.76-i586-1slack15.0.txz: Upgraded. Service-level multivalued options now override rather than append to global defaults,...

[slackware-security] libarchive

New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.8.2-i586-1slack15.0.txz: Upgraded. This update contains security fixes and improvements: 7zip: Fix out of boundary...

CVE-2025-62511

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use TOCTOU race condition CWE-367 in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-24392)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe Dimension Input Validation Error Vulnerability (CNVD-2025-24213)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. An input validation error vulnerability exists in Adobe Dimension, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...

Adobe Framemaker Code Execution Vulnerability

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker version 2020.9, 2022.7, and prior versions, which can be...

Matrix Authentication Service 安全漏洞

Matrix Authentication Service is a user management and authentication system from Element Open Source. A security vulnerability exists in Matrix Authentication Service versions 0.20.0 through 1.4.0, which stems from a logic flaw that could allow an attacker to perform sensitive operations without...

CVE-2025-54283

Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-59269

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-54268

CVE-2025-54268 affects Adobe Bridge versions 14.1.8, 15.1.1 and earlier and is described as a heap-based buffer overflow that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (the user must open a malicious file). Multiple connected s...