378 matches found
PT-2025-49644
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM subsystem related to the dw-hdmi driver and SCDC interface. A change in a previous commit introduced a situation where the incorrect connector was...
Siemens SIMATIC S7-1500 Server-Side Request Forgery (SSRF) (CVE-2022-27780)
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a different URL usingthe wrong host name when it is later retrieved.For example, a URL like http://example.com%2F127.0.0.1/, would be allowed bythe parser and get...
USN-7856-1: Linux kernel (HWE) vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)
Red Hat Enterprise Linux AI 1.5 AMD is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab...
Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)
Red Hat Enterprise Linux AI 1.5 Intel Gaudi is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications. This container provides NVIDIA hardware enablement and the...
EUVD-2025-36993
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-55039 Apache Spark, Apache Spark: RPC encryption defaults to unauthenticated AES-CTR mode, enabling man-in-the-middle ciphertext modification attacks
This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default network encryption cipher for RPC communication between nodes. When spark.network.crypto.enabled is set to true it is set to false by default, but...
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer MFT that's assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11...
EUVD-2008-6536
Malware in sbrugna...
EUVD-2021-26120
Malware in sbrugna...
EUVD-2008-6667
Malware in sbrugna...
EUVD-2016-5327
Malware in sbrugna...
EUVD-2008-6669
Malware in sbrugna...
EUVD-2008-6666
Malware in sbrugna...
EUVD-2008-6537
Malware in sbrugna...
EUVD-2008-3763
Malware in sbrugna...
EUVD-2017-10300
Malware in sbrugna...
EUVD-2008-6668
Malware in sbrugna...
EUVD-2024-53762
Malicious code in bioql PyPI...
EUVD-2022-35196
Malicious code in bioql PyPI...