CVE-2025-7427

Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio...

CVE-2025-7427 Uncontrolled Search Path Element in Arm Development Studio before 2025

Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio...

CVE-2025-7427 Uncontrolled Search Path Element in Arm Development Studio before 2025

Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio...

CVE-2025-7427

CVE-2025-7427 concerns an Uncontrolled Search Path Element in Arm Development Studio prior to 2025, enabling a DLL hijacking scenario that could lead to local arbitrary code execution in the user’s context. The root cause is a mismanaged search path element in Arm Development Studio, with failure...

PT-2025-30393 · Arm · Arm Development Studio

Name of the Vulnerable Software and Affected Versions: Arm Development Studio versions prior to 2025 Description: An uncontrolled search path element exists in Arm Development Studio that may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrar...

Arm Development Studio 代码问题漏洞

Arm Development Studio is a software development tool designed for the Arm architecture from Arm UK. A code issue vulnerability exists in versions prior to Arm Development Studio 2025 that stems from an uncontrolled search path element that could lead to a DLL hijacking attack...

The vulnerability of the SDK – Software Development Kit for product lifecycle management software for Oracle Agile PLM Framework, allowing a perpetrator to access confidential information

The vulnerability of the SDK-Software Development Kit, a software tool for managing product lifecycles in Oracle Agile PLM Framework enterprises, is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

GameForge AI Hackathon 2025: Building the Bridge Between Natural Language and Game Creation

A 72-hour sprint that produced working solutions for one of game development's hardest problems: making it accessible to non-programmers...

MCP Server Tool Poisoning

Model Context Protocol MCP Server Tool Poisoning occurs when malicious actors manipulate tool configurations or metadata on a malicious MCP server. This can lead to the execution of unauthorized commands, data corruption, or the deployment of malicious tools. Such vulnerabilities are particularly...

OAuth Dynamic Client Registration Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible OAuth Dynamic Client Registration endpoint on the target application. OAuth Dynamic Client Registration allows clients to register dynamically with an authorization server and is very common in...

Important: Red Hat Security Advisory: OpenJDK 21.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Cloud Cost Conundrum: Rising Expenses Hinder AI Innovation in Europe

...

CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

CVE-2025-53903

CVE-2025-53903 affects The Scratch Channel’s web application, with a cross-site scripting (XSS) vulnerability stemming from unsanitized input in /api/users.js. The issue is addressed by commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb. Public documents describe the vulnerability and fix; exploitat...

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

PYSEC-2025-69

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

UBUNTU-CVE-2025-53865

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

Exploit for CVE-2025-31125

Vite Exploit CVE-2025-31125 Description: Exploits path tr...

[SECURITY] Fedora 42 Update: python3.6-3.6.15-47.fc42

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...