34 matches found
SUSE CVE-2026-43372
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup. If request_threaded_irq() fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the ksz_ptp_irq_setup()'s error path only frees the mappings...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a use-after-free of nilfs_root during the process of dirtying inodes via iput. During the unmount process of nilfs2, nothing holds the nilfs_root structure after nilfs_detach_log_writer() releases it. Previously, nilfsevic...
cosmic-greeter security vulnerability
Cosmic-Greeter is an open-source login manager from Pop!_OS. Cosmic-Greeter has a security vulnerability, which stems from privilege disposal or reduction errors, as well as race conditions. This could allow attackers to reacquire discarded privileges and exploit the competing check logic...
Echo-Mate security vulnerability
Echo-Mate is a desktop robot and AI assistant developed by Kingham Xu. Previous versions of Echo-Mate, including V250329, had security vulnerabilities that stemmed from the reuse of released components after their disposal...
The Shit security vulnerability
The Shit is a command-line utility developed by AsfhtgkDavid, designed for automatically detecting and fixing common errors in shell commands. Versions of The Shit prior to 0.2.0 contained security vulnerabilities, which stemmed from improper privilege disposal. These vulnerabilities could...
PT-2025-52998
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists when removing provided buffers in the io_uring functionality. Specifically, io_buffer structs are not properly disposed of, leading to a memory leak. These structs a...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in DisposalDaemon.java. In high-core environments under heavy load, the disposal thread can fall behind and allow excessive memory use. Note: This issue was reported for environments...
BELL-CVE-2025-38472
Bulletin has no description...
Out With the Old, In With the New: Securely Disposing of Smart Devices
So, what did you get for Christmas this year? Hopefully you received some cool smart technology, or maybe you just upgraded your smart camera or voice assistant to a newer model or version. If you upgraded to a new model or version, what is your plan for the old device? Is it still working or is ...
CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()
In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe(). fsl_lpspi_probe() is allocating/disposing memory manually with spi_alloc_host()/spi_alloc_target(), but uses devm_spi_register_controller(). In case of error after the latter call the memory wil...
rockriverdisposal.com Cross Site Scripting vulnerability OBB-3226316
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Sierra Wireless AirLink Mobility Manager security vulnerability
Sierra Wireless AirLink Mobility Manager is a leading end-to-end network management solution from Sierra Wireless Canada that provides simplified, remote and real-time mass configuration, control and troubleshooting of all in-vehicle AirLink routers and gateways, connected mobility assets and...
Morgan Stanley's years-long "extensive failure" to protect customer data ends in huge fine
On Tuesday, the Securities and Exchange Commission (SEC) charged financial company Morgan Stanley a $35M fine for "the firm's extensive failures, over five years, to protect the personal identifying information, or PII, of approximately 15 million customers." The company agreed to settle the penalty...
clinicaldisposal.com Cross Site Scripting vulnerability OBB-2147316
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
What To Do With Dead Mac Internal SSD To Protect Your Privacy
By Owais Sultan. The best way to get rid of the information on your SSD is to shred it. You can do it by yourself or have it shredded at a recycling center. This is a post from HackRead.com. Read the original post: What To Do With Dead Mac Internal SSD To Protect Your Privacy...
CVE-2021-28687
HVM soft-reset crashes toolstack. libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...
CVE-2021-28687
CVE-2021-28687 concerns Xen hypervisor in HVM domains. The issue arises from a path where the soft-reset feature does not initialize the libxl__domain_suspend_state structure, causing an assert when the guest initiates a soft reboot. This leads to crashing of the process monitoring the guest. Imp...
Housemates. The new Red Team?
You have the VPN set up, you have 2FA, you have a good enforced password policy, firewalls are in place, you even managed to squeeze in some remote training to make employees more aware of potential phishing. You stop, breathe a sigh of relief, and then think… I've no idea who my employees live...
Old Tech Spills Digital Dirt on Past Owners
In a test of how well businesses wipe data on old devices, Rapid7 researcher Josh Frantz purchased 85 old gadgets from businesses. In total, he paid $600 for an aging collection of old computers, flash drives, phones and hard drives. What he discovered was that despite decades of the infosec...
PHPMiniAdmin Database Open Vulnerability
PHPMiniAdmin is a lightweight MySQL database management tool written in PHP. The tool supports common functions such as importing and exporting databases and executing SQL statements. An open database vulnerability exists in PHPMiniAdmin. An attacker can exploit the vulnerability to leak data,...