Security Bulletin: Multiple Security Vulnerabilities in Spring Framework Affect IBM Sterling B2B Integrator and IBM Sterling File Gateway

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities in Spring Framework Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patter...

Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in a open-source manner. Versions of the Spring Framework such as 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the...

RHEL 8 : .NET 10.0 (RHSA-2026:8473)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8473 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Microsoft .NET Framework 竞争条件问题漏洞

The Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation. It serves as a development platform for building applications for Windows, Windows Store, Windows Phone, Windows Server, and Microsoft Azure. This platform includes programming...

Frappe 安全漏洞

Frappe is a web development framework based on Python and Mariadb, with integrated front-end pages, developed by the Indian company Frappe. There are security vulnerabilities in versions of Frappe prior to 16.14.0 and 15.104.0. These vulnerabilities stem from allowing unlimited access to Doctype...

Invisible Adversaries: A Systematic Study of Session Manipulation Attacks on VPNs

Virtual Private Networks VPNs are widely used for censorship evasion and traffic protection. VPN users expect to be provided with adequate security protection, and at the same time not be affected by other users connected to the same VPN server, which can be illustrated as the non-interference...

USN-8085-1: .NET vulnerabilities

It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. CVE-2026-26127...

MiracleLinux 7 : qt-4.8.7-8.el7 (AXSA:2020-4554:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4554:01 advisory. qt5-qtbase: Double free in QXmlStreamReader CVE-2018-15518 qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp...

CVE-2020-12480

In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed...

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild

Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild. The patch addresses a total of 107 security flaws spanning different components, including Framework, System, Kernel, as well as those...

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence AI inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. "These vulnerabilities all traced back to t...

RHEL 8 : .NET 8.0 (RHSA-2025:18148)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18148 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

EUVD-2016-7374

Malware in sbrugna...

EUVD-2006-2861

Malware in sbrugna...

EUVD-2014-3377

Malware in sbrugna...

EUVD-2014-3357

Malware in sbrugna...

EUVD-2022-3982

Malicious code in bioql PyPI...

EUVD-2022-2288

Malicious code in bioql PyPI...

USN-7332-2: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

Vulnerabilities of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio development tools, related to security configuration errors, allow attackers to circumvent existing security restrictions.

The vulnerabilities of Microsoft’s software platforms, such as the .NET Framework, .NET, and Microsoft Visual Studio, are related to security configuration errors. Exploiting these vulnerabilities can allow attackers to circumvent existing security restrictions remotely...