3040 matches found
kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...
CodeAstro Simple Hospital Management System 安全漏洞
CodeAstro Simple Hospital Management System is a simple hospital management system from CodeAstro. A security vulnerability exists in CodeAstro Simple Hospital Management System version 1.0, which originates from a cross-site scripting attack due to an incorrect manipulation of the parameters Fir...
CVE-2025-50258
creationtimestamp| type| source ---|---|--- 2025-07-03 15:43:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lt32y6nbdf2r...
UBUNTU-CVE-2025-38167
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...
SUSE CVE-2025-38092
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...
DEBIAN-CVE-2025-38092
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...
CVE-2025-5746
creationtimestamp| type| source ---|---|--- 2025-07-02 09:43:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxwgiyagv2r...
US Supreme Court Upholds Texas Porn ID Law
In a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent...
CVE-2025-6610
A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editempprofile.php. The manipulation of the argument FirstName leads to sql injection. It is possible to initiate the attack remotely...
itsourcecode Employee Management System 注入漏洞
itsourcecode Employee Management System is itsourcecode open source employee management system. An injection vulnerability exists in itsourcecode Employee Management System version 1.0, which stems from improper handling of the parameter FirstName in the file /admin/editempprofile.php, which can...
CVE-2025-6417
creationtimestamp| type| source ---|---|--- 2025-06-21 20:45:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19128 2025-06-21 23:59:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ls5r46aotd2a...
Optimistic MEV in Ethereum Layer 2s: Why Blockspace Is Always in Demand
Layer 2 rollups are rapidly absorbing DeFi activity, securing over $40 billion and accounting for nearly half of Ethereum's DEX volume by Q1 2025, yet their MEV dynamics remain understudied. We address this gap by defining and quantifying optimistic MEV, a form of speculative, on-chain cyclic...
SUSE CVE-2025-38042
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Drop skipfdq argument from k3udmaglueresetrxchn The user of k3udmaglueresetrxchn e.g. tiam65cpswnuss can run on multiple platforms having different DMA architectures. On some platforms there can be on...
UBUNTU-CVE-2025-38071
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblockphysallocrange At least with CONFIGPHYSICALSTART=0x100000, if there is 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblockphysallocrange...
CVE-2025-5689
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Make getfirstthin use rcu-safe list first function. The documentation in rculist.h explains the absence of listemptyrcu and warns programmers against relying on a sequence of listempty - listfirst in RCU-safe code. This ...
Oracle-Based Multistep Strategy for Solving Polynomial Systems over Finite Fields and Algebraic Cryptanalysis of the Aradi Cipher
The multistep solving strategy consists in a divide-and-conquer approach: when a multivariate polynomial system is computationally infeasible to solve directly, one variable is assigned over the elements of the base finite field, and the procedure is recursively applied to the resulting simplifie...
@nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...
FreeScout Cross-Site Scripting Vulnerability (CNVD-2025-20795)
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the lastname and firstname profile data. No...
Connect with us at the Gartner Security & Risk Management Summit
Security professionals visiting booths scattered around a hall, eager for solutions to today’s top cybersecurity challenges to protect their resources and people. The hum of hundreds of conversations. Presenters in packed sessions sharing expertise, trends, and stories to energize attendees. Few...