CVE-2025-68131

CVE-2025-68131 (cbor2) affects the cbor2 library’s CBORDecoder when reusing a decoder across trust boundaries. Versions 3.0.0–before 5.8.0 may retain shareable-tag (28) values in memory, allowing an attacker-controlled message to read data from earlier decoded messages via the sharedref tag (29)....

Malicious code in veilcord-tls (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron aed8328880d0c346cc1c0c9d51602617be4ea88a7a23878b68164484949555b2 This package decodes a payload and executes it whenever it is imported. It seems to be targeting veilcord package users. Its contents are almost...

[SECURITY] Fedora 33 Update: perl-Convert-ASN1-0.27-21.fc33

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules...

Oracle WebLogic WLS Security Component Remote Code Execution (CVE-2017-10271; CVE-2017-3506)

A remote code execution vulnerability exists within Oracle WebLogic WLS. This is due to the way Oracle WebLogic handles xml decodes. A successful attack could lead to a remote code execution...