UBUNTU-CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

CVE-2025-39874

CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

WordPress plugin WP Compress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-38794

Name of the Vulnerable Software and Affected Versions Skimlinks versions through 1.3 Description A missing authorization issue exists in the Skimlinks Affiliate Marketing Tool. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations...

geminabox

It is an offensive tool for RubyGem hosting. The repository contains a simple RubyGem hosting system called Gem in a Box. It allows users to host their own RubyGems, and it includes features such as user authentication, gem versioning, and a web interface for browsing and downloading gems. The to...

Introducing Enhanced User Interface for Qualys PCI DSS 4.0 ASV Compliant Solution

We’re excited to introduce the new Qualys PCI ASV user interface, built to deliver a smarter, faster, and more intuitive experience. The redesigned PCI ASV UI helps you simplify PCI DSS 4.0 compliance, save time, and reduce audit-related stress. This major update improves usability, streamlines...

Characterizing Phishing Pages by JavaScript Capabilities

In 2024, the Anti-Phishing Work Group identified over one million phishing pages. Phishers achieve this scale by using phishing kits -- ready-to-deploy phishing websites -- to rapidly deploy phishing campaigns with specific data exfiltration, evasion, or mimicry techniques. In contrast, researche...

Apple macOS Tahoe 安全漏洞

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

SUSE CVE-2025-39770

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

CVE-2025-55050

CWE-1242: Inclusion of Undocumented Features...

CVE-2025-39770

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

UBUNTU-CVE-2025-39770

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

CVE-2025-39770 net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

CVE-2025-39770 net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

Fraud Detection and Risk Assessment of Online Payment Transactions on E-Commerce Platforms Based on LLM and GCN Frameworks

With the rapid growth of e-commerce, online payment fraud has become increasingly complex, posing serious threats to financial security and consumer trust. Traditional detection methods often struggle to capture the intricate relational structures inherent in transactional data. This study presen...

Flow-Based Detection and Identification of Zero-Day IoT Cameras

The majority of consumer IoT devices lack mechanisms for administrators to monitor and control them, hindering tailored security policies. A key challenge is identifying whether a new device, especially a streaming IoT camera, has joined the network. We present zCamInspector, a system for...

Linux Distros Unpatched Vulnerability : CVE-2024-51484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens wh...

CVE-2025-54255 Acrobat Reader | Violation of Secure Design Principles (CWE-657)

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impacting integrity. An attacker does not have to be authenticated. Exploitation of this issue does not...