Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞

Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to implement features such as network routing, virtual private networks VPNs, and dial-up connections. A buffer error vulnerability exists in Microsoft Windows Routing and Remote...

Baicells多款产品 安全漏洞

Baicells Nova 436Q and others are products of Baicells, Inc.Baicells Nova 436Q is an advanced dual-carrier outdoor eNodeB eNB. Baicells Nova 227 and others are products of the company.Baicells Nova 227 is a miniature base station.Baicells NEUTRINO430 is an LTE base station. A security vulnerabili...

PT-2025-36548

Name of the Vulnerable Software and Affected Versions: Fiori app Manage Payment Blocks affected versions not specified Description: The Fiori app Manage Payment Blocks does not perform the necessary authorization checks. This allows an attacker with basic user privileges to abuse functionalities...

PT-2025-36924

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software includes undocumented features. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

PT-2025-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MACsec feature synchronization on RTM NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

ruby-dragonfly

This repository is an offensive tool for Ruby. It is a highly customizable gem for handling images and other attachments, and is already in use on thousands of websites. The tool is designed to generate image thumbnails in Rails and to manage attachments in web applications. It provides a range o...

UBUNTU-CVE-2025-39681

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...

CVE-2025-39681

CVE-2025-39681 relates to the Linux kernel on x86 with Hygon CPUs. The root cause was a missing resctrl_cpu_detect() call in the Hygon BSP init path after resctrl_cpu_detect() was moved to vendor-specific init code. This caused a division-by-zero in get_rdt_mon_resources() during early boot due t...

Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976)

Summary There is a vulnerability in Apache Commons FileUpload which affects IBM WebSphere Application Server traditional and affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. Following IBM® Engineering...

SREC: Encrypted Semantic Super-Resolution Enhanced Communication

Semantic communication SemCom, as a typical paradigm of deep integration between artificial intelligence AI and communication technology, significantly improves communication efficiency and resource utilization efficiency. However, the security issues of SemCom are becoming increasingly prominent...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service due to Apache Commons FileUpload with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. Vulnerability Details Refer to the...

BIDO: a Unified Approach to Address Obfuscation and Concept Drift Challenges in Image-Based Malware Detection

To identify malicious Android applications, various malware detection techniques have been proposed. Among them, image-based approaches are considered potential alternatives due to their efficiency and scalability. Recent studies have reported that these approaches suffer significant performance...

Malicious code in monolith-twirp-features-featuresync (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f53c57dca1a60f5e0bcea26028d79bc5d8f4427b2dfb2dc1c29c9babe625a2bb The OpenSSF Package Analysis project identified 'monolith-twirp-features-featuresync' @ 1.0.0 rubygems as malicious. It is considered malicious...

Malicious code in monolith-twirp-features-actors (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis af5da19cc088c1f8c8715fafba484c4ae7ab890004b1f92947ee212b28b0abe1 The OpenSSF Package Analysis project identified 'monolith-twirp-features-actors' @ 1.0.4 rubygems as malicious. It is considered malicious...

MAL-2025-46950 Malicious code in monolith-twirp-features-groups (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f84ce8437ca7734a032fd542e9296762ced4f17846d9f74980c144260a948d9e The OpenSSF Package Analysis project identified 'monolith-twirp-features-groups' @ 1.0.0 rubygems as malicious. It is considered malicious...

Malicious code in monolith-twirp-features-groups (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f84ce8437ca7734a032fd542e9296762ced4f17846d9f74980c144260a948d9e The OpenSSF Package Analysis project identified 'monolith-twirp-features-groups' @ 1.0.0 rubygems as malicious. It is considered malicious...

MAL-2025-46948 Malicious code in monolith-twirp-features-actors (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis af5da19cc088c1f8c8715fafba484c4ae7ab890004b1f92947ee212b28b0abe1 The OpenSSF Package Analysis project identified 'monolith-twirp-features-actors' @ 1.0.4 rubygems as malicious. It is considered malicious...

Malicious code in monolith-twirp-features-featureflaghub (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8fb5fd24604e319bf0fd432162579d9b9ffa30c7eb829de263bccf4f7a04d58b The OpenSSF Package Analysis project identified 'monolith-twirp-features-featureflaghub' @ 1.5.0 rubygems as malicious. It is considered malicio...

MAL-2025-46927 Malicious code in monolith-twirp-features-featureflaghub (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8fb5fd24604e319bf0fd432162579d9b9ffa30c7eb829de263bccf4f7a04d58b The OpenSSF Package Analysis project identified 'monolith-twirp-features-featureflaghub' @ 1.5.0 rubygems as malicious. It is considered malicio...

Malicious code in monolith-twirp-features-core (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 64a205c0d39719b1f698d7f10e7a82d52414defe3390015bda26bd1a60c5522c The OpenSSF Package Analysis project identified 'monolith-twirp-features-core' @ 1.1.1 rubygems as malicious. It is considered malicious because...