Nagios Log Server 安全漏洞

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R2.0.3 that stems from the default dashboard not reliably falling back to the empty default dashboard after it...

SUSE CVE-2025-40053

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40916)

drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla

Modern connected vehicles rely on persistent LTE connectivity to enable remote diagnostics, over-the-air OTA updates, and critical safety services. While mobile network vulnerabilities are well documented in the smartphone ecosystem, their impact in safety-critical automotive settings remains...

CVE-2022-50558 regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

CVE-2022-50558

CVE-2022-50558 concerns Linux kernel regmap-irq handling where regmap_add_irq_chip_fwnode was not updated to use the new num_config_regs property, risking a NULL pointer dereference in regmap_irq_set_type. The connected documents describe the root cause: the config-regs path introduced by regmap-...

CVE-2022-50558 regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

Importing vs fetching JSON

This year, JSON module imports became baseline 'newly available', meaning they're implemented across browser engines. import data from './data.json' with type: 'json' ; // And… const default: data = await import'./data.json', with: type: 'json' , ; I'm glad JavaScript has this feature, but I can'...

Deserialization of Untrusted Data

Overview keras is a Keras is a high-level neural networks API for Python.. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the fromconfig method that uses Python’s pickle module as a fall back when weightsonly=False. An attacker can execute arbitrary code ...

Malicious Package

Overview error-fallback is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

UBUNTU-CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

openSUSE Security Advisory (SUSE-SU-2025:03462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:03462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2025:03462-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03462-1 advisory. Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. - Improved reliability when HTTP/3...

Linux Distros Unpatched Vulnerability : CVE-2022-50434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512:...

Another Critical RCE Discovered in a Popular MCP Server

Artificial Intelligence development is moving faster than secure coding practices, and attackers are taking notice. Imperva Threat Research recently uncovered and disclosed a critical Remote Code Execution RCE vulnerability CVE-2025-53967 in the Framelink Figma MCP Server. This is just one exampl...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. Improved reliability when HTTP/3 connections fail: Firefox no longer forces HTTP/2 during fallback, allowing the server to choose the protocol and preventing stalls on som...

SUSE-SU-2025:03462-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. - Improved reliability when HTTP/3 connections fail: Firefox no longer forces HTTP/2 during fallback, allowing the server to choose the protocol and preventing stalls on...

EUVD-2015-2413

Malware in sbrugna...

EUVD-2018-1323

Malware in sbrugna...