8320 matches found
KB5066877: Windows Server 2008 Security Update (October 2025)
The remote Windows host is missing security update 5066877. It is, therefore, affected by multiple vulnerabilities - tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...
PT-2025-49053
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the SCMI debug subsystem. If the subsystem fails to initialize, the debug root may be missing, leading to a NULL descriptor. This condition is not...
CVE-2025-11639
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file collect_logs.sh of the component Debug Log S3 Bucket Handler. The manipulation leads to insecure storage of sensitive information. An attack has to be approached locally. The...
CVE-2025-11639 Tomofun Furbo 360/Furbo Mini Debug Log S3 Bucket collect_logs.sh sensitive information
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file collect_logs.sh of the component Debug Log S3 Bucket Handler. The manipulation leads to insecure storage of sensitive information. An attack has to be approached locally. The...
CVE-2025-11639
The CVE-2025-11639 entry affects Tomofun Furbo 360 and Furbo Mini, specifically the collect_logs.sh function in the Debug Log S3 Bucket Handler. The Red Hat/EUVD/NVD and PT Security entries corroborate a vulnerability that enables insecure storage of sensitive information and requires local acces...
OESA-2025-2385 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards: XML-Signature Syntax and Processing; and XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
OESA-2025-2380 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards: XML-Signature Syntax and Processing; and XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
CVE-2025-56675
The EKEN video doorbell T6 BT60PLUSMAINV1.0GC108420230531 periodically sends debug logs to the EKEN cloud servers with sensitive information such as the Wi-Fi SSID and password...
Barco ClickShare Devices Weak Password Requirements (CVE-2019-18828)
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password. This plugin...
SUSE CVE-2023-53672
In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several warning triggered inside lookup_inline_extent_backref(). CAUSE As usual, the reproducer doesn't reliably trigger locally here, but at...
CVE-2025-34251
Tesla Telematics Control Unit TCU firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge adbd as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the...
Linux Distros Unpatched Vulnerability : CVE-2023-53639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handle...
SUSE CVE-2023-53623
In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() The si->lock must be held when deleting the si from the available list. Otherwise, another thread can re-add the si to the available list, which can lead to memory...
CVE-2023-53672
In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several warning triggered inside lookup_inline_extent_backref(). CAUSE As usual, the reproducer doesn't reliably trigger locally here, but at...
CVE-2023-53639
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN hinders automated testing. Reducing severity...
UBUNTU-CVE-2023-53672
In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several warning triggered inside lookup_inline_extent_backref(). CAUSE As usual, the reproducer doesn't reliably trigger locally here, but at...
CVE-2023-53672 btrfs: output extra debug info if we failed to find an inline backref
In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several warning triggered inside lookup_inline_extent_backref(). CAUSE As usual, the reproducer doesn't reliably trigger locally here, but at...
CVE-2023-53672
CVE-2023-53672 affects the Linux kernel's btrfs code. When inserting a new inline backref, a WARN_ON() can trigger if the inline backref cannot be found, which is only possible in insert scenarios. The fix enhances debugging by dumping all parameters and the extent tree leaf after the WARN_ON(). ...